Privacy Policy

Pwno.io Inc. ("we," "us," or "our") operates the Pwno.io website and security research platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and maintaining the security of your data. This policy describes our practices regarding the collection and use of your information, including uploaded binaries, analysis results, and personal data.

Personal Information

We may collect the following personal information:

• Name and email address (for account creation and communication)
• Authentication information (passwords, API keys)
• Payment information (processed by third-party payment processors)
• Usage data and analytics
• Communication records (support tickets, chat logs)

Technical Data

• Uploaded binary files and associated metadata
• Analysis results and security research outputs
• Chat conversations with AI models
• Container and infrastructure usage logs
• IP addresses and device information
• Browser type and operating system

We use the collected information for the following purposes:

• Service Provision: To provide binary analysis, vulnerability detection, and security research tools
• Account Management: To create and manage your user account
• Communication: To send service-related notifications and respond to inquiries
• Improvement: To analyze usage patterns and improve our Service
• Security: To detect and prevent fraud, abuse, and security threats
• Legal Compliance: To comply with applicable laws and regulations

Security Measures

We implement industry-standard security measures to protect your data:

• Encryption in transit and at rest
• Isolated containerized analysis environments
• Access controls and authentication systems
• Regular security audits and monitoring
• Secure data centers with physical access controls

Binary File Handling

Uploaded binary files are handled with special care:

• Processed in isolated, ephemeral containers
• Stored in encrypted storage systems
• Access restricted to authorized analysis systems
• Automatically deleted based on retention policies

We retain your information for the following periods:

• Account Data: For the duration of your account plus 30 days after deletion
• Binary Files: 90 days after upload, unless explicitly requested for longer retention
• Analysis Results: Associated with your account until account deletion
• Chat Logs: 1 year for service improvement purposes
• Usage Logs: 2 years for security and analytics purposes

You may request early deletion of your data by contacting us at privacy@pwno.io.

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

Service Providers

We may share information with trusted third parties who assist us in operating our Service:

• Cloud infrastructure providers (AWS, Google Cloud)
• Payment processors (Stripe)
• Analytics services (anonymized data only)
• Email service providers

Legal Requirements

We may disclose information when required by law or to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or abuse
• Ensure user safety

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to certain types of processing

To exercise these rights, please contact us at privacy@pwno.io. We will respond to your request within 30 days.

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze website usage
• Improve user experience

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service.

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards, including:

• Standard contractual clauses
• Adequacy decisions by relevant authorities
• Privacy frameworks and certifications

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we will provide additional notice via email or through our Service.

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: contact@pwno.io