Secbuildon

Privacy

This page describes what Secbuildon actually does, in plain language, based on its source code — not generic legal boilerplate. It has not yet been reviewed by a lawyer.

What the agent never reads

The agent running on your server is structurally prevented from opening:

This is enforced in code (every file the agent opens goes through a single guarded function that refuses these paths outright) and, when installed as a service, additionally enforced by the operating system itself via a systemd sandbox setting (InaccessiblePaths=) — so even a compromised agent process cannot read them.

What we do collect

When you install the agent and connect it to this website's backend, it periodically sends:

Findings summaries never include file contents, configuration values, or any of the raw evidence the agent collects locally to produce them — the data format used to send findings to this backend has no field capable of carrying that information in the first place.

If you run the agent with --local-only, none of the above is ever sent anywhere; the agent scans, alerts, and keeps its findings entirely on your server.

Billing data

Payment processing is handled by Stripe. We store your email address, subscription plan, and Stripe's customer/subscription identifiers so we can correlate billing events back to your license — we do not store payment card details ourselves.

Questions

Contact support@secbuildon.example.