TL;DR
Web Iron Shield is a desktop app. Your scans, findings, and history stay on your machine. The only network traffic we control is license activation and update checks. No telemetry. No analytics. No cloud reporting of scan results.
1. What Data the Software Sends to Us
License activation (one-time, when you activate Pro)
- Your email (which you supply)
- Your serial key (which we generated)
- Your machine's Hardware ID (a SHA-256 hash of CPU/MAC/OS details — not your actual MAC address or hardware)
License re-verification (every 14 days)
Same three fields as above, to confirm your license is still valid. If our server is unreachable, the Software keeps working using cached credentials.
Update checks
- A GET request to
webironshield.com/version.json - Your current version number (sent via User-Agent)
- No personal identifiers
2. What Data the Software Does NOT Send
- Your scan targets
- Your scan findings
- Your scan history
- Your proxy or VPN settings
- Your API keys
- Any usage statistics, telemetry, or analytics
- Crash reports (without your explicit consent)
3. What Data This Website Collects
webironshield.com uses minimal server-side logging (standard Apache access logs: IP, user-agent, timestamp, URL requested). These logs are:
- Retained for 30 days
- Used only for security monitoring and diagnostics
- Not shared with third parties
- Not used for advertising or profiling
We don't use Google Analytics, Facebook Pixel, or any third-party trackers. The only external requests the site makes are to Google Fonts for typography.
4. Cookies
This website does not set any cookies. The installed application stores local settings in %USERPROFILE%\.webironshield\ (or ~/.webironshield/ on macOS/Linux) — these are local files, not web cookies, and never leave your machine.
5. Third-Party Services
If you enable the AI Scanning feature, the Software sends scan data to Anthropic's Claude API using an API key you provide. Data sent to Anthropic is governed by Anthropic's privacy policy. This feature is optional and off by default.
6. Payment Data
Purchases are handled by a third-party payment processor. We never see or store your full payment card details. Our processor sends us only: your email, transaction ID, and the amount paid.
7. Your Rights Under GDPR / POPIA
If you're in the EU, UK, or South Africa you have the right to request:
- A copy of personal data we hold about you (in practice: your license record — email, hardware ID, purchase date)
- Correction of inaccurate data
- Deletion of your data (note: deleting your license record revokes your license)
Email privacy@webironshield.com — we respond within 30 days.
8. Data Retention
- License records: retained for the lifetime of your license plus 7 years (legal/tax requirement).
- Website access logs: 30 days.
- Support emails: 2 years.
9. Security
License data is stored on a server under our control with disk encryption and access limited to a minimum set of authorized personnel. The signing secret that validates your serial key lives only on the server — if this file leaks, nobody can generate new keys without it.
10. Changes
If we change this policy in a material way, we'll announce it via the Software's update system and on this page. The date at the top shows the last revision.
11. Contact
Privacy questions: privacy@webironshield.com