Privacy Policy

Last updated: 1 February 2026

1. Who We Are

ShieldCortex is operated by Drakon Systems Ltd, a company registered in England & Wales under company number 16867343. Registered office: 34 Lumina Way, Enfield, England, EN1 1FS.

For any privacy-related enquiries, contact us at support@drakonsystems.com.

2. Data We Collect

npm Package — default install

On a default install with no Cloud API key configured, the ShieldCortex npm package runs entirely on your machine. Your memories, audit logs, scan results, and configuration stay in ~/.shieldcortex/ on the local filesystem. Nothing leaves your machine.

npm Package — opt-in Cloud sync (when enabled)

If you opt in to ShieldCortex Cloud (via npx shieldcortex config --cloud-api-key <key> --cloud-enable or by signing up through the local dashboard), the package sends a fire-and-forget POST /v1/audit/ingest request to api.shieldcortex.ai on every scan. The request body contains audit metadata only, never the scanned content:

  • Timestamp of the scan
  • Source type (e.g. claude-code, openclaw, cli) and source identifier (a string you choose; defaults to a non-PII process tag)
  • Pipeline result (ALLOW / BLOCK / QUARANTINE)
  • Anomaly score and trust score (numbers between 0 and 1)
  • Threat indicator labels (e.g. data_exfiltration, stealth_instruction) — labels only, never the matching text
  • Device identifier (a stable UUID generated on first run; not derived from hardware)

You can disable Cloud sync at any time with npx shieldcortex config --cloud-disable or by deleting ~/.shieldcortex/config.json. The fire-and-forget contract means a disabled or unreachable cloud never blocks a local scan.

LLM Verification (Pro plan and above)

Pro, Team, and Enterprise plans include an opt-in second-opinion check at POST /v1/verify that forwards the scanned content to an LLM sub-processor for review.

  • Sub-processor: Anthropic, PBC — model claude-3-5-haiku-20241022 via the Anthropic API.
  • What is sent: the content you submitted for verification, the pipeline result, anomaly and trust scores, and threat indicators.
  • Retention & training: Anthropic's API does not use submitted content for model training; their commercial terms include zero data retention beyond what is needed to serve the request and operational logging. See anthropic.com/legal/commercial-terms.
  • Default: Verify is off by default. Free-tier users cannot enable it; Pro+ users must hold the verify API-key scope and explicitly call the endpoint.

Website

When you visit shieldcortex.ai or related pages, we may collect:

  • Standard server access logs (IP address, user agent, pages visited) — Fly.io edge logs
  • Google Analytics 4 events — only after you click Accept on the cookie banner (see §3)
  • Email address — only if you voluntarily submit it (waitlist, magic-link login, support enquiry)

SaaS Platform (ShieldCortex Cloud)

When you use ShieldCortex Cloud, we additionally collect: your email address (magic-link authentication), team membership records, usage counters per billing period, and — for paid plans — payment details processed by Stripe (we do not see or store your card number). Audit-metadata records are retained per your plan: 7 days on Free, 90 days on Pro, 1 year on Team, configurable on Enterprise.

3. Cookies & Analytics

Our website uses Google Analytics 4 (GA4) to measure aggregate site usage. By default we set Google Consent Mode v2 to deny analytics storage; GA4 only stores or reads identifiers after you click Accept on our cookie banner. Rejecting (or ignoring) the banner keeps analytics_storage in the denied state — GA still sees that a page loaded but cannot read or write cookies.

  • Personal data processed: pseudonymous client identifier, IP address (truncated by Google), pages visited, approximate location (country/region).
  • Retention: 14 months (GA4 default).
  • Lawful basis: consent (Article 6(1)(a) UK GDPR).
  • Withdraw consent: clear cookie-consent in this site's localStorage; the banner reappears on next visit.
  • Provider DPA: business.safety.google/processorterms (Google Ireland Ltd as processor).

We do not use Google Ads, advertising cookies, or cross-site tracking. ad_storage, ad_user_data, and ad_personalization are hard-denied at the Consent Mode default and are never updated.

4. Third-Party Services

We use the following third-party services:

  • Fly.io — hosting infrastructure
  • GitHub — source code hosting and issue tracking
  • npm — package distribution
  • Formspree — waitlist form processing (if used)

Each of these services has its own privacy policy governing the data it processes.

5. GDPR Compliance

As a UK-based company, we comply with the UK GDPR and the Data Protection Act 2018. Under these regulations, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data
  • Portability — request your data in a machine-readable format
  • Object — object to processing of your data

To exercise any of these rights, email support@drakonsystems.com.

6. Data Retention

Server logs are retained for up to 30 days. Waitlist email addresses are retained until the product launches or you request removal. We do not retain data longer than necessary for the purposes described in this policy.

7. Data Security

We implement appropriate technical and organisational measures to protect personal data, including encrypted connections (TLS), access controls, and regular security reviews.

8. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via our website or blog. Continued use of our services after changes constitutes acceptance of the updated policy.

9. Contact

Drakon Systems Ltd
Company number 16867343 (England & Wales)
34 Lumina Way, Enfield, England, EN1 1FS
support@drakonsystems.com