Overview
The short version: the free Claude Code skill suite runs entirely on your machine and sends us nothing. The free URL scanner sees only the URL you paste. The paid Patrol monitoring plans see the domains and GitHub organizations you explicitly authorize, and every secret they find is redacted to a fingerprint before it's ever stored. We don't sell data, we don't run ad trackers, and we don't have a marketing pixel on this site.
This policy covers lictor-ai.com (this marketing site and the free scan tool it hosts) and app.lictor-ai.com (the Guardian dashboard, account, and billing system behind the paid Patrol plans). It does not cover the Claude Code skill suite itself, which is open-source software that runs on your machine and makes no network calls of its own. See the docs for exactly what each check reads.
The data controller is Lictor AI, operated by Raffa Jarrl, based in Israel.
What we collect, by product
The Claude Code skill suite (free, open source)
Nothing. The audit, explain, fix-it, and rotate skills run locally inside your own Claude Code session, read your own project files, and never make a network call to any Lictor server. We have no way to see that you installed it, ran it, or what it found. The only thing we can see is a public GitHub star or clone, the same as any other open-source repository.
The free URL scanner (/scan/)
When you paste a URL, our Cloudflare Worker fetches that URL the way any browser would (headers, HTTPS status, a few common paths like .env) and grades the result. We collect:
- The URL you submit, for the duration of the request. We don't publish or share it without your consent.
- One anonymous fingerprint per scan if you check the opt-in consent box: a hash of (check type + severity + platform), with no URL, hostname, or other identifying detail. This powers our public research into what AI-built apps get wrong; it never contains your data.
- Rate-limit bookkeeping: your IP address is used transiently (via Cloudflare KV) to enforce an 8-scans-per-hour limit, then discarded.
We don't require a signup or account to use the scanner.
Patrol monitoring, the paid Business plans
When you subscribe to a Silver, Gold, or Diamond plan and add a domain or GitHub organization, Patrol continuously checks the public surface of only the assets you've explicitly authorized. We collect:
- The domains and GitHub organizations you register for monitoring.
- Findings from those scans: exposed config, open databases, leaked secrets, and similar. Every secret is redacted to a 16-character fingerprint at the point of detection; the live credential itself is never stored or transmitted. See how we verify a finding before it's raised for the evidence bar we hold ourselves to.
- Alert delivery details: the email address (and, on higher tiers, phone number) you provide for notifications.
Patrol is observe-only: it reads what's already public and never attempts to log in, exploit, or modify anything on your systems.
Your Guardian account and billing
To create an account at app.lictor-ai.com we collect your email address (used for magic-link sign-in; we don't store or ask for a password) and, for paid plans, billing information handled directly by our payment processor. We don't store your card number ourselves. Guardian keeps an append-only audit log of account activity and incident history, which you can export as CSV or JSON at any time.
Who we share data with
We use a small number of infrastructure providers to run Lictor. None of them get to use your data for their own purposes; they process it only to provide the service to us.
| Provider | What it's used for |
|---|---|
| Cloudflare | Hosting for this site and the scan API, DNS, and email routing. Cloudflare also automatically obfuscates email addresses on this site against scraper bots. |
| Google Workspace | Email for our own inboxes (Raffa@, support@, abuse@lictor-ai.com). This site also loads Cormorant Garamond, Inter, and JetBrains Mono from Google Fonts, which sends your browser's IP address to Google when the page loads. |
| Postmark | Sends Guardian's transactional email: magic-link sign-in links and DLP/incident alerts. Postmark does not receive your Patrol findings, only the alert text we generate. |
| PayPal | Processes payment for the paid Business plans. We never see or store your card details; PayPal handles that directly. |
| Paddle | Merchant of Record and payment processor for paid Business plans placed through it. Paddle handles checkout, billing, sales tax/VAT, and receipts; we never see or store your card details. |
| GitHub | If you authorize Patrol to monitor a GitHub organization, we use GitHub's API within the scope you grant to check for exposed secrets in that org. |
We don't sell, rent, or otherwise disclose your data to third parties for their marketing purposes. If we're ever legally compelled to disclose data (a valid court order, for example), we'll notify the affected account unless we're legally prohibited from doing so.
How long we keep it
- Scan URLs: kept only for the duration of processing the request, not persisted afterward.
- Anonymous scan fingerprints: kept indefinitely as aggregate research data, since they contain nothing that identifies you or your site.
- Patrol findings and audit logs: kept for the life of your account, plus a reasonable window afterward for billing and dispute records, then deleted. Ask support@lictor-ai.com for an earlier deletion.
- Account and billing records: kept as long as required by applicable tax and accounting law after account closure.
Security measures
The technical detail lives in full on our compliance page; the summary:
- All Patrol↔Guardian traffic is encrypted in transit (TLS 1.2+).
- Magic-link sign-in tokens are stored as SHA-256 hashes, never in plain text.
- Guardian's audit log is append-only, enforced at the database level. Not even a privileged operator can silently edit incident history.
- Every secret Patrol finds is redacted to a fingerprint before storage; the live credential is never persisted.
- Guardian is a per-tenant isolated system with bearer-token authentication and no cross-account read paths.
Your rights
If you're in the EU/EEA or UK, GDPR gives you the right to access, correct, delete, or export the personal data we hold on you, and to object to or restrict certain processing. Israel's Privacy Protection Law provides broadly equivalent rights. Wherever you're based, we'll honor these requests as a matter of policy, not just where legally required.
To exercise any of these, email support@lictor-ai.com. We'll acknowledge within 5 business days.
International transfers
Lictor is based in Israel. Our infrastructure providers (Cloudflare, Google, Postmark, PayPal, Paddle, GitHub) operate globally, which means your data may be processed outside your home country. Each of these providers maintains its own data-transfer safeguards (standard contractual clauses or equivalent); we don't operate our own overseas data centers beyond what these providers run.
Children's privacy
Lictor is a developer security tool, not directed at children. We don't knowingly collect data from anyone under 16. If you believe a child has provided us data, contact us and we'll delete it.
Changes to this policy
If we make a material change, we'll update the effective date above and, for signed-in Guardian customers, notify you by email. Check back here for the current version; it's the one that governs.