Privacy Policy

Introduction

At Sceptrum, privacy isn't just a compliance requirement—it's core to our mission. This Privacy Policy explains how we collect, process, and protect your information.

Last Updated: December 2025

What We Collect

On-Device Activity

Sceptrum monitors these activities locally on your computer:

• Process Activity — Application names and their resource requests
• Resource Access — Requests to microphone, camera, clipboard, and file system
• Network Activity — Outbound connections and AI API calls detected by pattern analysis
• System Performance — CPU, memory, and disk usage metrics

Important: This data is processed and encrypted locally. We don't transmit your activity logs to our servers unless you explicitly opt in.

Account Information

If you create a Sceptrum account or join our beta:

• Email address
• Full name (optional)

Diagnostic Data (Optional)

With your permission, we collect anonymized crash reports and performance metrics to improve the product. These reports are never linked to your personal identity.

Website Usage

Our website uses minimal tracking. We use session-only cookies for functionality and do not use third-party advertising cookies.

How We Use Your Data

We use collected information for:

• Product Development — Improving features, performance, and user experience
• Security — Detecting and preventing threats on your device
• Support — Helping you troubleshoot and resolve issues
• Communication — Sending product updates, security alerts, and release notes
• Legal Compliance — Meeting regulatory requirements

How We Protect Your Data

On-Device Encryption

All sensitive data on your device is encrypted using AES-256 encryption. Your monitoring logs, preferences, and rules remain encrypted at rest.

Secure Transmission

When data must leave your device, it's encrypted using TLS 1.3. No unencrypted data ever leaves your computer.

Server Security

Our infrastructure uses industry best practices:

• SOC 2 Type II certified data centers
• Two-factor authentication for all admin access
• Regular security audits and penetration testing
• Automated encrypted backups with geographic redundancy
• Zero-trust network architecture

Security Standards

Your Privacy Rights

Right to Access

Request a copy of all data we hold about you. We'll provide a complete export within 30 days.

Right to Delete

Request deletion of your account and data at any time. We'll permanently delete everything within 30 days, except where legally required to retain records.

Right to Correct

Update or correct inaccurate information in your account at any time.

Right to Opt-Out

Disable optional data sharing (diagnostics, telemetry) anytime in your settings.

Right to Portability

Export your data in standard formats (JSON, CSV).

To exercise any of these rights, email privacy@sceptrum.com with your request.

How Long We Keep Your Data

Third-Party Services

Sceptrum uses minimal external services. All third parties are contractually bound to protect your data:

• Cloud Hosting — AWS (US East, SOC 2 Type II certified)
• Analytics — Self-hosted only (no external analytics providers)
• Support — Encrypted ticketing system (no third-party SaaS)

We never share personal data with advertising networks, data brokers, or marketing firms.

Children's Privacy

Sceptrum is intended for users 18 and older. We don't knowingly collect data from children under 13.

If we discover data from a child under 13, we will delete it immediately.

Users aged 13–18 require parental or guardian consent.

Changes to This Policy

We update this policy as our products and practices evolve. For significant changes, we'll notify you via email or in-app notification.

Your continued use of Sceptrum after policy updates means you accept the changes.

Contact Us

Questions about your privacy? Reach out: