Last updated: March 2026
When you use ShieldIQ, we collect your email address, name, and organization name for account management. We do not collect or store firewall configuration files — they are processed in memory and discarded immediately after analysis.
We use your information to provide the ShieldIQ service, send audit reports, and communicate product updates. We never sell your data to third parties.
Firewall configs uploaded for analysis are processed in server memory only. Raw configuration data is never stored in our database. Only the normalized audit findings (rule counts, severity levels, compliance mappings) are persisted. Your configs are never shared with third parties.
When AI explanations are enabled, anonymized finding descriptions (not raw configs) are sent to our AI provider for analysis. No identifying information about your organization or network architecture is included in AI requests.
All data is encrypted in transit (TLS) and at rest (AES-256). API credentials stored for scheduled audits are encrypted with Fernet symmetric encryption. Access is controlled via JWT authentication with bcrypt password hashing.
Questions about this policy? Email hello@getshieldiq.com.