Privacy Policy

Last updated: January 2026

This policy explains how FortifAI handles data across the website, dashboard, and CLI workflows.

Information We Collect

We collect the minimum data required to operate FortifAI services securely and reliably.

Collected data may include account identity data, security telemetry, product usage, and support communications.

  • Account and authentication details (for example, email address)
  • Website usage and session diagnostics
  • CLI usage metadata such as version and scan runtime
  • Support-related communication records

Local-First CLI Architecture

FortifAI is designed to execute security testing in your environment. By default, sensitive prompts, responses, and source data remain local.

Optional telemetry is anonymized and used for product reliability and security quality improvements.

How We Use Information

Data is used to provide and secure the product, improve reliability, enforce abuse controls, and support customer operations.

  • Operate and maintain FortifAI services
  • Improve scan quality and platform performance
  • Detect abuse and secure service infrastructure
  • Provide support and product updates

Data Security

FortifAI applies standard controls including encrypted transport, access controls, and monitoring to protect system data.

Because scan execution is primarily local-first, sensitive testing content typically remains within your own environment unless you explicitly transmit it.

Cookies

The website may use cookies for authentication, analytics, and experience settings. You can manage cookie behavior in your browser preferences.

Contact

For privacy questions or requests, contact our team at support@getfortifai.com.