Privacy Policy
Effective Date: January 20, 2026
d3cipher ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the LockStock platform and related services (collectively, the "Services").
Please read this Privacy Policy carefully. By using our Services, you consent to the practices described in this policy.
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address, password (hashed), and billing information when you create an account
- Payment Information: Credit card details processed securely through Stripe; we do not store full card numbers
- Agent Data: Information about AI agents you register, including agent identifiers, capabilities, and authentication credentials
- Communications: Content of messages when you contact our support team
1.2 Information Collected Automatically
- Usage Data: API calls, verification requests, timestamps, and interaction patterns
- Log Data: IP addresses, browser type, operating system, and referring URLs
- Device Information: Device identifiers and characteristics
- Cryptographic Data: Hash chains, state matrices, and audit logs generated by the Services
1.3 Information from Third Parties
- Payment Processors: Transaction confirmations from Stripe
- Analytics Providers: Aggregated usage statistics
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our Services
- Process transactions and send related information
- Authenticate AI agents and verify cryptographic identities
- Generate audit logs and compliance reports
- Detect and prevent fraud, abuse, and security incidents
- Respond to your requests and provide customer support
- Send administrative notifications about your account or the Services
- Analyze usage patterns to improve user experience
- Comply with legal obligations
3. Data Retention
We retain your information according to your subscription plan:
| Plan |
Audit Log Retention |
Account Data Retention |
| Core |
30 days |
Duration of account + 90 days |
| Starter |
90 days |
Duration of account + 90 days |
| Professional |
1 year |
Duration of account + 1 year |
| Enterprise |
7 years |
Duration of account + 7 years |
After account termination, we may retain certain data as required by law or for legitimate business purposes such as fraud prevention.
4. Information Sharing
We do not sell your personal information. We may share your information in the following circumstances:
- Service Providers: With third-party vendors who assist in operating our Services (e.g., cloud hosting, payment processing)
- Legal Requirements: When required by law, court order, or government request
- Protection of Rights: To protect our rights, property, or safety, or that of our users
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- With Your Consent: When you explicitly authorize us to share information
5. Data Security
We implement industry-standard security measures to protect your information:
- 256-bit TLS encryption for all data in transit
- AES-256 encryption for sensitive data at rest
- Secure password hashing using bcrypt
- Regular security audits and penetration testing
- Access controls and authentication for internal systems
- Cryptographic hash chains for audit log integrity
While we strive to protect your information, no method of transmission or storage is 100% secure. You are responsible for maintaining the security of your account credentials and API keys.
6. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate personal information
- Deletion: Request deletion of your personal information, subject to legal retention requirements
- Portability: Request your data in a portable format
- Objection: Object to certain processing of your personal information
- Withdraw Consent: Withdraw consent where processing is based on consent
To exercise these rights, contact us at privacy@d3cipher.ai.
7. Cookies and Tracking
We use cookies and similar technologies to:
- Maintain your session and authentication state
- Remember your preferences
- Analyze usage patterns
- Improve our Services
You can control cookies through your browser settings. Disabling cookies may affect the functionality of our Services.
8. International Data Transfers
Our Services are hosted in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using our Services, you consent to such transfers.
9. Children's Privacy
Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will delete it promptly.
10. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect and how it is used
- Right to delete personal information
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to non-discrimination for exercising your privacy rights
11. European Privacy Rights
If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR). Our legal bases for processing include:
- Contract: Processing necessary to fulfill our agreement with you
- Legitimate Interests: Processing for our legitimate business purposes
- Consent: Processing based on your explicit consent
- Legal Obligation: Processing required by law
You may lodge a complaint with your local data protection authority if you believe we have violated your rights.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the effective date. Your continued use of our Services after such changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at:
d3cipher
Email: privacy@d3cipher.ai
Website: https://d3cipher.ai
For data protection inquiries in the EU, you may also contact our Data Protection Officer at dpo@d3cipher.ai.