Legal and compliance framework
Privacy and data handling
The service stores only what is required to run the audit workspace, score extensions and process contact requests.
Data processed
Accounts contain the work email, company, audit history and messages submitted through the contact form.
- Inventories are used to compute scores and generate remediation guidance.
- Security logs are used to detect sign-ins, role changes and sensitive actions.
Expected customer usage
The customer organization remains responsible for what it imports into the audit workspace.
- Do not import secrets, raw cookies, customer prompts or unnecessary personal data into inventories.
- Exports should stay limited to extension names, permissions and governance metadata needed for the audit.
The product is designed for extension inventory and security prioritization, not for hosting secrets or broader business data.