Privacy Policy

Last updated: April 24, 2026

CyberShelt LLC ("Company", "we", "us") operates the Intreys deep packet inspection platform and the intreys.com website. This Privacy Policy describes how we collect, use, and protect your information.

1. Our Privacy Principles

Intreys is built for security professionals who handle sensitive network data. Our core principle is: your packet data stays on your machine. We designed Intreys to work fully offline, and we never collect, transmit, or have access to your PCAP files, analysis results, or network captures.

2. Information We Collect

2.1 Account Information

When you create an account in the desktop application:

• Username and email address — used for authentication and communication
• Password — stored as a salted PBKDF2-SHA256 hash; we never store or see your plaintext password
• Account role — for access control within the application

Account data is stored locally on your machine in the application data directory. It is not transmitted to our servers unless you initiate a license activation or trial signup.

2.2 License and Billing Information

When you purchase a license or activate a trial:

• Email address — to deliver your license key and billing communications
• Machine fingerprint — a one-way hash of hardware identifiers used to bind licenses to machines; we cannot reverse this to identify your hardware
• License key and tier — stored on our license server to validate your subscription
• Stripe customer ID — we do not store credit card numbers; all payment processing is handled by Stripe

2.3 Website Analytics

The intreys.com website uses Cloudflare Web Analytics, which is privacy-first, cookie-free, and does not track individual users. We collect aggregate page view and visit data only.

2.4 Information We Do NOT Collect

• PCAP files or network capture data
• Analysis results, threat findings, or intelligence reports
• IP addresses of hosts in your captures
• API keys you configure for third-party services
• Any data processed within the desktop application

3. How We Use Information

Data	Purpose	Legal Basis
Email address	License delivery, account verification, billing notifications, security alerts	Contract performance
Machine fingerprint	License binding and seat enforcement	Contract performance
Stripe customer ID	Subscription management and billing	Contract performance
Aggregate website analytics	Improve website content and performance	Legitimate interest

4. Third-Party Services

We use the following third-party services to operate the business (license server, billing, transactional email, marketing site):

Vendor	Purpose	Data shared	Region
Stripe	Payment processing & subscription billing	Email, Stripe customer ID, billing address (entered by you)	US / EU
Resend	Transactional email (license keys, billing notices)	Email, message body	US
Cloudflare	Website hosting, Workers KV, R2, web analytics	License records (email + machine fingerprint), aggregate page-view metrics	Global edge

See: Stripe · Resend · Cloudflare.

The desktop application may optionally connect to third-party threat-intelligence APIs (AbuseIPDB, VirusTotal, GreyNoise, Shodan, OTX, URLScan) if you enable online enrichment and provide your own API keys. These connections are initiated by you and governed by those services' privacy policies. We do not act as an intermediary for those requests.

5. AI Sub-Processors (Conditional)

Intreys ships with AI features. By default Intreys runs AI locally on your hardware — nothing about your captures or analysis leaves your machine. Cloud AI providers are opt-in, gated by an in-app privacy filter, and only invoked when you supply your own API key under Settings → AI Providers.

Provider	Mode	Data sent (when enabled)	Sub-processor
llama.cpp	Local	None — runs on your CPU	None
Apple MLX	Local	None — runs on Apple Silicon Metal	None
Anthropic Claude	Cloud (opt-in)	Prompts + selected analysis context you choose to share	Anthropic
OpenAI (GPT)	Cloud (opt-in)	Prompts + selected analysis context you choose to share	OpenAI
xAI Grok	Cloud (opt-in)	Prompts + selected analysis context you choose to share	xAI
Azure OpenAI	Cloud (opt-in)	Prompts + selected analysis context you choose to share	Microsoft Azure

Important guarantees:

• We do not act as an intermediary for cloud-AI traffic. Calls go directly from your machine to the chosen provider using your API key — CyberShelt never sees the prompt content.
• The in-app privacy filter redacts internal IP ranges, MAC addresses, file paths, and known-secret patterns from AI prompts before transmission. You can review what would be sent before any call.
• You can disable cloud AI entirely. The default Community configuration uses local AI only.
• API keys are stored encrypted at rest with Fernet (AES-128-CBC + HMAC-SHA256) under your OS data directory; CyberShelt cannot recover them.

6. Data Storage and Security

• Local application data (accounts, analysis, settings) is stored on your machine in the application data directory and encrypted at rest where applicable
• License data on our server is stored in Cloudflare Workers KV with encryption at rest
• We use Ed25519 digital signatures to prevent license tampering
• Authentication tokens use HMAC-SHA256 with 24-hour expiry
• All communications with license.intreys.com use TLS 1.3

7. Data Retention

• Local application data: Retained until you delete the application or clear its data
• License records: Retained for the duration of your subscription plus 90 days
• Audit logs: Local audit logs auto-prune after 90 days
• Support tickets: Retained for the duration of the active ticket plus 12 months
• Billing records: Retained per Stripe's policies and applicable tax law requirements

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate data
• Deletion — Request deletion of your data (subject to legal obligations)
• Portability — Request your data in a machine-readable format
• Objection — Object to processing based on legitimate interest

To exercise these rights, email [email protected]. We will respond within 30 days.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information:

9.1 Right to Know

You have the right to request that we disclose what personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom we share it. The categories of personal information we collect are described in Section 2 above.

9.2 Right to Delete

You have the right to request that we delete the personal information we have collected about you, subject to certain exceptions provided by law (such as legal compliance obligations or completing a transaction you requested).

9.3 Right to Opt-Out of Sale or Sharing

You have the right to opt out of the sale or sharing of your personal information. We do not sell your personal information, nor do we share it for cross-context behavioral advertising. We only disclose personal information to third-party service providers as described in Section 4 for the purposes of operating our business.

9.4 Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, provide a different level or quality of service, or suggest that you will receive any of these as a consequence of exercising your privacy rights.

9.5 Exercising Your Rights

To submit a request to know, delete, or exercise any other right under the CCPA/CPRA, contact us at [email protected]. You may also designate an authorized agent to make a request on your behalf.

9.6 Verification Process

When you submit a request, we will verify your identity by matching information you provide against the data we have on file (such as your email address associated with your account or license). We may ask you to confirm additional details if needed. For requests submitted by an authorized agent, we require written authorization from you along with identity verification.

9.7 Response Timeframe

We will acknowledge your request within 10 business days and provide a substantive response within 45 calendar days of receiving your verified request. If we need additional time, we will notify you of the extension and the reason, for a maximum total response period of 90 calendar days.

10. International Transfers

Our license server runs on Cloudflare's global network. License validation requests are routed to the nearest Cloudflare data center. If you are located outside the United States, your license data (email and machine fingerprint) may be processed in the US. We rely on Cloudflare's data processing agreements and standard contractual clauses for international transfers.

11. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify existing subscribers of material changes via email at least 30 days in advance. The "Last updated" date at the top indicates the most recent revision.

13. Contact

For privacy questions or data requests:

CyberShelt LLC
Email: [email protected]
Support: [email protected]