Privacy Policy

Effective Date: April 23, 2026. Replaces all previous versions.

Legal Entity and Service Scope

This Privacy Policy (the "Policy") applies to services provided by Vigilcode, Inc., a Delaware corporation ("Vigilcode," "we," "us," or "our"), including:

  • Our website at vigilcode.com and all subdomains

  • The Vigil mobile application for iOS and Android

  • Our API services at api.vigilcode.com

  • All related online services and features

This Policy does not apply to third-party websites, services, or applications, even if accessed through our Services.

Overview

Vigil provides AI-powered threat detection and security analysis services to help users identify potential digital security risks. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

On-Device Processing

Vigil's core threat detection engine (Sentinel) runs entirely on your device using on-device machine learning models. This means:

  • Your messages stay on your device: Text and email content you scan is analyzed locally and is never transmitted to our servers

  • Core threat analysis runs locally: Sentinel performs threat detection computation on your device; our servers are not involved in analyzing your message content

  • Privacy by design: On-device processing ensures your sensitive content remains under your control at all times

Cloud-Assisted Features (Scout and Sage)

Two optional AI-assisted features perform supplementary analysis in our cloud infrastructure: Scout (context-gathering questions) and Sage (personalized recommendations). When these features are active:

  • Your message content still never leaves your device. Scout and Sage operate on *derived signals* produced by Sentinel's on-device analysis (for example: risk scores, detected behavioral patterns, content type), not on the original text of your messages or emails.

  • Any context you provide to Scout's questions (for example, whether you recognize a sender) is sent to our cloud to refine the analysis; you can decline to answer at any point.

  • The cloud provider used for this analysis is Amazon Web Services (AWS) via Amazon Bedrock, AWS's managed foundation model service. Bedrock processes the derived signals within AWS infrastructure and, under AWS's terms, does not retain your inputs, use them for training, or share them with foundation model providers.

We will clearly indicate within the app when a cloud-assisted feature is about to run, so you can opt out per analysis if you prefer Sentinel's on-device output alone.

Types of Data We Collect

We categorize the information we collect into three distinct types to provide transparency about how your data is used:

Service Data (Required for Operation)

  • Email addresses for authentication and account management

  • Session identifiers and device tokens for secure access

  • Account settings and preferences you configure

  • Authentication logs for security monitoring

  • Usage quota tracking (scan counts per period) to manage service limits

Analysis Data (Your Submitted Content)

  • Text, images, and URLs you submit for security analysis

  • Content metadata necessary for threat detection

  • Analysis results and recommendations we generate

  • Encrypted and processed with privacy-preserving techniques when possible

Diagnostic Data

App performance metrics, error reports, and usage analytics are collected automatically to help us improve Vigil. This data is:

  • Not linked to your Vigil account identity in our analytics provider's systems: we deliberately do not send your Vigil user ID to Firebase Analytics or Firebase Crashlytics

  • Limited in content: crash reports contain exception types and stack traces only, with personally identifiable information filtered before transmission

  • Used only to improve Vigil: we do not sell it, share it with advertisers, or use it for marketing to you

  • Tagged with an anonymous device-level identifier so we can distinguish one device's usage pattern from another's, but contains no information that would identify the person using the device

Information We Collect

Email Addresses

  • Required for account creation and magic link authentication

  • Used for service communications including authentication, account recovery, and important service updates

  • Not shared with third parties for marketing or other purposes

Content Data ("Vigilize Data")

  • Text, images, URLs, and other content you submit for security analysis

  • Collected when you use our threat detection services through website or mobile app

  • Processed to provide security recommendations, threat assessments, and safety insights

  • May include screenshots, message content, email headers, and website URLs

Technical Information (Mobile App)

  • Device identifiers for secure session management; we do not use Apple's advertising identifier (IDFA) or participate in cross-app tracking

  • App usage analytics to improve service performance, not linked to your Vigil account identity in our analytics provider's systems

  • Authentication tokens for secure access (automatically expired)

  • Crash reports collected automatically to improve app stability, with personally identifiable information filtered before transmission

  • App version and device model for compatibility support

Mobile Application Data Collection

Our mobile app collects minimal data necessary for functionality:

  • Session management: Secure tokens that automatically expire

  • Performance monitoring: App crashes and performance issues are collected automatically to improve app reliability; crash reports contain no user content, no message data, and are not linked to your Vigil account identity in our analytics provider's systems

  • Feature usage: Which features are used to prioritize improvements, tagged only with an anonymous device identifier (no Vigil account linkage sent to our analytics provider)

  • Security logs: Authentication attempts for fraud prevention

Important: We do not track your location, access your contacts, read your messages, or monitor your other apps. We do not use Apple's IDFA or participate in ad tracking.

Optional Account Connections

You may choose to connect third-party accounts (such as Google Gmail) to enable email scanning features. When you do:

  • We use industry-standard OAuth 2.0 to authenticate with the provider

  • We never see or store your third-party account passwords

  • We access only the data necessary to provide the requested scanning service

  • You can revoke access at any time through your account settings or the third-party provider's settings

Automatically Collected Information

  • IP addresses for security and fraud prevention

  • Usage patterns to improve service quality

  • Error logs for technical support and debugging

How We Use Your Information

Primary Service Functions

  • Threat Detection: Analyze submitted content for security risks

  • Authentication: Provide secure, password-less login via magic links

  • Service Delivery: Generate personalized security recommendations

  • Account Management: Maintain your account and service preferences

  • Quota Management: Track usage to enforce service tier limits

Service Improvement

  • AI Model Training: We may use anonymized email data and Vigilize data to train and improve our AI models

  • Product Development: Enhance threat detection capabilities and user experience

  • Research: Understand emerging security threats and develop better protections

Important: All data used for model training is thoroughly anonymized with personal identifiers removed. We never use identifiable personal information for training purposes.

Data Anonymization Process

When using data for model training:

  • Personal identifiers removed: Names, email addresses, and account information

  • Content patterns preserved: Security-relevant patterns needed for threat detection

  • No reverse identification: Anonymized data cannot be traced back to individual users

  • Secure processing: Anonymization occurs in isolated, secure environments

Your Data Ownership

You retain full ownership of all content you submit to Vigil. We process your data solely to provide security analysis services and improve our threat detection capabilities.

What This Means

  • You own your content: We never claim ownership of your personal communications, files, or other submitted content

  • Limited processing rights: We only process your data to deliver the services you requested

  • No permanent claims: Our processing rights end when you delete your account or withdraw consent

  • Exportable data: You can request a copy of your data and analysis history at any time

Our Commitment

We act as a data processor for your submitted content, not a data owner. Your trust in sharing potentially sensitive content for analysis is fundamental to our service, and we honor that trust through strict data ownership respect.

Information Sharing and Disclosure

We Do Not Sell Your Data

ABSOLUTE COMMITMENT: We do not and will never:

  • Sell your personal data to advertisers, data brokers, or marketing companies

  • Share data with third parties for their own commercial purposes

  • Use your data for advertising to third parties

  • Create marketing profiles from your submitted content

  • Monetize your information beyond providing you our security services

This is a core principle that will never change, regardless of business pressures or opportunities.

What We Don't Do

  • No data sales: We do not and will never sell your personal data

  • No advertising partnerships: We do not share data with advertisers or data brokers

  • No marketing databases: We do not use your data for marketing to third parties

  • No unencrypted storage: We do not store unencrypted sensitive content

  • No cross-selling: We do not share your information for others to market to you

Limited Disclosure Scenarios

We may disclose information only when:

  • Required by law or legal process

  • Protecting user safety in emergency situations

  • Preventing fraud or security threats to our services

  • With your explicit consent for specific purposes

Service Providers

We use the following categories of trusted service providers to deliver our services. Each provider is contractually bound to protect your information and may not use your data for their own purposes:

  • Cloud Infrastructure (Amazon Web Services): Hosts our backend services, API endpoints, and securely stores account and quota data. Sign-in (magic-link email verification), session tokens, and all account management run on our AWS backend.

  • Firebase Authentication (custom token bridge): Used only to issue a Firebase-scoped identity so the app can write to Cloud Firestore (for feedback and user statistics). After you sign in through our AWS backend, our backend mints a short-lived Firebase custom token containing your Vigil user ID; Firebase Authentication accepts it. Firebase Authentication does not receive your password, magic-link, or any credential material, and it does not manage your Vigil account.

  • Cloud Firestore (Google Firebase): Stores user-submitted feedback and aggregated usage statistics (scan counts by risk level). Does not store message content.

  • Subscription Management (RevenueCat): Processes in-app purchase transactions and manages subscription entitlements. RevenueCat receives purchase receipts and anonymous user identifiers but not your personal content.

  • OAuth Providers (Google, Microsoft): When you choose to connect an email account, the respective provider handles authentication. We receive only the access tokens necessary to scan your emails.

  • Analytics and Crash Reporting (Firebase Analytics, Firebase Crashlytics): Collects anonymized app performance data and crash reports to help us improve reliability. Not linked to your Vigil account identity in Firebase's systems.

Data Security

Protection Measures

  • Industry-standard encryption for data transmission and storage

  • Access controls limiting data access to authorized personnel only

  • Regular security audits and vulnerability assessments

  • Secure authentication using modern cryptographic methods

Data Retention

  • Account data: Retained while your account is active

  • Vigilize data: Retained for service improvement and threat analysis

  • Anonymized data: May be retained indefinitely for research and model training

  • Deletion requests: Honored in accordance with applicable law

Your Rights and Choices

Account Control

  • Access your data through account settings

  • Update information including email preferences

  • Delete your account and associated personal data

  • Request a copy of your data in portable formats

Communication Preferences

  • Opt out of non-essential communications

  • Authentication emails cannot be disabled (required for service)

  • Security alerts recommended but can be customized

Data Processing Rights

  • Request data deletion (subject to legal and operational requirements)

  • Correct inaccurate information in your account

  • Object to processing for certain purposes

  • Data portability for information you've provided

Children's Privacy

Vigil is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

International Data Transfers

Your information may be processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data when transferred internationally, including:

  • Standard contractual clauses approved by regulatory authorities

  • Adequacy decisions recognizing equivalent protection levels

  • Additional security measures as required by applicable law

California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected and how it's used

  • Right to delete personal information (with certain exceptions)

  • Right to opt-out of sale of personal information (we don't sell data)

  • Right to non-discrimination for exercising privacy rights

Changes to This Policy

Vigilcode reserves the right to modify this Privacy Policy at any time. When we make changes:

  • We will update the "Last Updated" date at the top of this document

  • For material changes, we will provide additional notice via email or prominent website notification

  • Your continued use of our Services after changes constitutes acceptance of the updated Policy

  • We encourage you to review this Policy periodically for updates

Third-Party Services and Websites

This Policy does not cover third parties or their products, actions, or services. Vigilcode is not responsible for:

  • Third-party websites, applications, or services you may access through our Services

  • Cookies, pixels, and tracking technologies used by third-party advertisers

  • Social media platforms, email providers, or other external services you may connect to

  • Privacy practices of companies that provide services to us

For information about third-party privacy practices, please consult their respective privacy policies.

Contact Information

For privacy-related questions, concerns, or requests:

Email: <privacy@vigilcode.com>

*By using Vigil services, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices as described herein.*