Privacy Policy

Last updated: 04.07.2026

RedactOps ("RedactOps," "we," "us") is operated by Nils Marti, an individual sole proprietor based in Switzerland ("Controller"), reachable at privacy@redactops.devor by post at Postfach, 5400 Baden, Switzerland. This Privacy Policy explains what personal data we collect through the RedactOps website (redactops.dev), the RedactOps desktop application, and related services (together, the "Service"), why we collect it, and the rights you have over it.

This policy is written to comply with the EU/EEA General Data Protection Regulation ("GDPR") and the revised Swiss Federal Act on Data Protection ("nDSG"/"FADP"). Where the two differ, we describe the more protective standard and note Switzerland-specific differences separately.

1. The short version

RedactOps is built to be local-first: the actual content you scan or redact — logs, code, configuration files, and any secrets or personal data contained in them — is processed entirely on your device and is never transmitted to our servers. What we do collect is limited to account data needed to run your subscription (via Clerk and Stripe), and small amounts of device/license telemetry needed to enforce plan limits, keep detection rules in sync, and diagnose problems (via Convex). We do not see, store, or have the technical ability to reconstruct the sensitive content our software redacts on your device.

2. Data we collect

2.1 Account and billing data

When you create an account, we use Clerk as our authentication provider. Clerk processes your name, email address, password/social login credentials, and session data on our behalf. Billing is handled through Clerk Billing, which uses Stripe as the payment processor. Stripe collects payment method details (e.g. card number) directly — RedactOps never receives or stores full payment card numbers. We do receive billing metadata from Stripe/Clerk Billing such as your subscription plan, billing cycle, subscription status, and seat count.

2.2 Desktop client license and telemetry data

The RedactOps desktop application periodically contacts our servers (backed by Convex) to verify your license and keep detection rules up to date. This exchange includes:

  • A device identifier (not tied to hardware serials — generated per install)
  • Operating system and app version
  • A hash of the currently-active detection rule pack (to detect drift, not its contents)
  • The count of custom detection rules configured, and when they were last changed
  • Aggregate detection counts by category (e.g. "3 API keys, 1 email address redacted") — never the detected values themselves, and never the surrounding text
  • Basic engine health signals (error codes, queue depth, latency) for support purposes
  • Coarse locale/timezone offset, used only to auto-suggest a regional compliance rule pack

We do not persist end-user IP addresses at the application layer. As with any internet service, your device's IP address is transmitted to and may be transiently processed or logged by our hosting/infrastructure providers (Vercel, Convex) as part of routing the request; we do not use it to build a profile of you.

We never receive the text, files, or logs you paste or scan into RedactOps, nor the specific secrets or personal data it detects and redacts. That processing happens entirely on your device.

2.3 Website usage data

Our website uses Vercel Web Analytics and Vercel Speed Insights, which measure aggregate traffic and performance without using tracking cookies or building individual visitor profiles. See Vercel's privacy policy for details.

2.4 Communications and outreach

If you contact us, sign up for updates, or are contacted by us as part of sales outreach, we process your name, email address, employer/organization, and message content using Resend as our email delivery provider. We limit unsolicited outreach to business contacts and to what is permitted under applicable law (including Swiss UWG Art. 3(1)(o) and EU ePrivacy rules); marketing/outreach emails include an unsubscribe or opt-out mechanism, and you can opt out at any time.

3. Why we process this data (legal basis)

PurposeLegal basis (GDPR Art. 6)
Providing the Service, authentication, billingPerformance of a contract
License enforcement, rule sync, fraud/abuse preventionLegitimate interest
Product support and debuggingLegitimate interest / contract
Marketing outreach to prospective business customersLegitimate interest (B2B), or consent where required
Legal compliance (tax, accounting records)Legal obligation

Under the Swiss nDSG, which does not use the GDPR's formal "legal basis" framework in the same way, the same processing activities are justified on the basis that they are necessary for the purposes stated above and are not otherwise unlawful.

4. Sub-processors

We share personal data with the following categories of service providers:

ProviderPurposeLocationTransfer mechanism
ClerkAuthentication, user management, billing orchestrationUnited StatesDPF or SCCs + Swiss addendum
StripePayment processingUnited States / IrelandDPF or SCCs + Swiss addendum
ConvexApplication database (licenses, subscriptions, device telemetry)United StatesDPF or SCCs + Swiss addendum
VercelWebsite and application hosting, web analyticsUnited StatesDPF or SCCs + Swiss addendum
ResendTransactional and outreach email deliveryUnited StatesDPF or SCCs + Swiss addendum

5. International data transfers

Some of our sub-processors are located outside Switzerland and the EU/EEA, including in the United States. Where personal data is transferred internationally, we rely on the sub-processor's EU-US / Swiss-US Data Privacy Framework certification where available, or otherwise on Standard Contractual Clauses (SCCs) together with the Swiss addendum reflecting the Swiss Federal Data Protection and Information Commissioner's (FDPIC) requirements, as implemented in each sub-processor's own data processing agreement.

6. Data retention

We retain account and billing data for as long as your account is active, and for a limited period afterward as required for accounting, tax, and legal purposes. Device telemetry and sync events are retained for a rolling window (currently 90 days) and then automatically deleted. You may request earlier deletion as described in Section 7.

7. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten" under GDPR)
  • Request a portable copy of your data
  • Object to or request restriction of certain processing
  • Withdraw consent, where processing is based on consent

To exercise any of these rights, contact us at privacy@redactops.dev. EU/EEA residents may lodge a complaint with their local supervisory authority. In Switzerland, you enforce your data-protection rights primarily through the civil courts (Art. 32 nDSG); you may also report concerns to the FDPIC, which can investigate and order corrective measures but does not adjudicate individual complaints in the way an EU supervisory authority does.

8. Cookies

The website uses strictly necessary cookies set by Clerk to maintain your signed-in session. We do not use third-party advertising or cross-site tracking cookies. Vercel Web Analytics operates without cookies.

9. Security

We use industry-standard measures to protect personal data, including encryption in transit (TLS), access controls scoped to authenticated users and services, and cryptographically signed licenses. No system is completely secure, and we cannot guarantee absolute security.

10. Children's privacy

The Service is intended for business use by engineers and organizations and is not directed at children. We do not knowingly collect personal data from children.

11. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the "Last updated" date above, and where required by law, we will provide additional notice.

12. Contact

Nils Marti
RedactOps
Postfach, 5400 Baden, Switzerland
privacy@redactops.dev