Privacy Policy

Plain language. No legal jargon. Last updated: March 2026.

The short version: We don't store anything you type. Your email for breach checks is never logged. Your incident descriptions never touch a database. Nothing is shared. Teradef is built to help people in dangerous situations — your privacy is the mission.

What we collect — and what we don't

We do NOT store, log, or retain anything you type into any Teradef tool
We do NOT store email addresses entered into the Breach Check tool
We do NOT require an account, name, or contact information
We do NOT use advertising or allow advertisers to access any data
We do NOT sell data — there is no data to sell
We do NOT use third-party analytics trackers (no Google Analytics, no Facebook Pixel)

How the AI tools work

When you use Cyber First Aid, CyberWeather, ShieldHuman, or VulnBridge, your text goes directly to the Anthropic Claude API to generate a response. It comes back to your browser. Nothing is stored on Teradef servers. Anthropic's own privacy policy applies to the AI processing — see anthropic.com/privacy.

How the Breach Check works

Your email address is sent over an encrypted HTTPS connection to the HaveIBeenPwned API. We receive the result and display it to you. The email is never written to any log file or database. HaveIBeenPwned's own privacy policy applies — see haveibeenpwned.com/Privacy.

Hosting and infrastructure

Teradef is hosted on Vercel. Vercel may collect standard server logs (IP addresses, request timestamps) as part of normal infrastructure operation. These are not accessible to Teradef and are subject to Vercel's privacy policy. We do not use or access these logs.

Cookies

Teradef does not use cookies or local browser storage to track users. Your language preference is stored only in your browser's memory for the duration of your session — it is not sent to any server and disappears when you close the tab.

Anonymous feedback

The optional feedback form is completely anonymous. If you submit feedback, the message text and selected tool are sent to a private form endpoint. No IP address, browser fingerprint, or identifying information is collected or stored alongside feedback.

For journalists, activists, and survivors

ShieldHuman is designed for people in sensitive situations. We want to be completely clear: nothing you type into ShieldHuman is stored, logged, or accessible to anyone other than the AI model generating your response, which then discards the context. If you are in immediate physical danger, please contact local emergency services — Teradef is not a crisis hotline.

Children

Teradef is not directed at children under 13. We do not knowingly collect information from children.

Changes to this policy

If we ever change what data we collect, we will update this page and the "Last updated" date at the bottom. We will never start collecting user data without updating this policy first.

Questions? Contact us at privacy@teradef.com

For security vulnerabilities, see security.txt

Version 1.0 — March 22, 2026 · TeraDef