2.1 Information You Provide

Account Information:

• Email address (required for account creation)
• Full name (optional)
• Profile photo (if signing in with Google or Discord)
• Discord user ID (if you link your Discord account)
• Invite code (during beta period)
• Payment information (processed by third-party payment providers)

Note: We use Firebase Authentication for secure login. Your password is managed by Google Firebase and is never stored in our databases. For more information, see Firebase Privacy Policy.

User-Submitted Content:

• Source code files uploaded for obfuscation (.lua files)
• Configuration preferences (security level selections)
• Support tickets and correspondence
• Feedback and survey responses

2.2 Automatically Collected Information

Usage Data:

• IP addresses and geographic location (country/region)
• Browser type, version, and language settings
• Operating system and device information
• Pages visited, features used, and actions taken
• Timestamps of all activities
• Referral source (how you found our Service)

Technical Data:

• API usage logs and performance metrics
• Job processing times and success/failure rates
• File sizes and obfuscation parameters
• Error logs and debugging information
• IP addresses for each obfuscation request (for account sharing detection)

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies. See our Cookie Policy for detailed information.

3.1 Service Provision

• Creating and managing your account
• Processing obfuscation requests
• Enforcing usage quotas and rate limits
• Providing customer support
• Delivering obfuscated files and downloads

3.2 Security and Fraud Prevention

• Detecting and preventing fraudulent activity
• Identifying unauthorized access attempts
• Monitoring for Terms of Service violations
• Investigating reverse engineering attempts
• Enforcing intellectual property rights via watermark tracking

3.3 Improvement and Analytics

• Analyzing usage patterns to improve the Service
• Optimizing obfuscation algorithms and performance
• Conducting A/B testing of new features
• Generating anonymized statistical reports

3.4 Communication

• Sending transactional emails (account notifications, job completions)
• Service announcements and security alerts
• Marketing communications (with your consent, opt-out available)
• Responding to inquiries and support requests

3.5 Legal Compliance

• Complying with legal obligations and court orders
• Enforcing our Terms of Service
• Protecting our rights and property
• Cooperating with law enforcement investigations

4.1 Storage Locations

Your data is stored on secure servers located in the United States. We use industry-standard encryption for data at rest and in transit (TLS 1.3, AES-256).

4.2 Retention Periods

• Uploaded source files: Deleted immediately after obfuscation
• Obfuscated output files: 14 days from job completion, then permanently deleted
• Account data: Retained while account is active, deleted 90 days after account closure
• Firebase authentication data: Managed by Google Firebase; deleted when account is closed
• IP activity logs: 12 months for security and fraud prevention
• Usage logs: 12 months for operational purposes
• Watermark metadata: Retained indefinitely for anti-piracy enforcement
• Payment records: 7 years for tax and accounting compliance

4.3 Backup and Disaster Recovery

We maintain encrypted backups for disaster recovery. Backup data is retained for up to 30 days and follows the same security standards as production data.

5.1 Service Providers

We share data with trusted third-party service providers who assist us:

• Google Firebase - Authentication services (email/password, Google OAuth)
• Cloud hosting - Infrastructure providers (Vercel, VPS hosting)
• Payment processing - Stripe, PayPal (they have separate privacy policies)
• Email delivery services - Transactional and marketing emails
• Analytics providers - Google Analytics (anonymized data only)
• Customer support tools - Discord integration

All service providers are contractually bound to protect your data and use it only for specified purposes.

5.2 Legal Requirements

We may disclose your information if required by law:

• In response to court orders, subpoenas, or legal processes
• To comply with DMCA takedown notices
• To cooperate with law enforcement investigations
• To protect our rights, property, or safety
• To prevent fraud or security threats

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified via email of any such change in ownership.

5.4 Aggregated Data

We may share anonymized, aggregated statistics that do not identify individuals (e.g., "50,000 files obfuscated this month") for marketing or research purposes.

6.1 GDPR Rights (EU Residents)

If you are located in the European Union, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for marketing communications

6.2 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and share
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell data)
• Non-discrimination for exercising your privacy rights

6.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

We will respond within 30 days. We may require identity verification to process your request.