THREATMAPPER

Privacy Policy

Effective: 4 July 2026

What we collect

Your email and password hash (never the plain password); the system descriptions you submit and the reports generated from them; basic usage events (pageviews, generations, exports) without third-party trackers; payment metadata from Razorpay/Stripe (we never see card numbers).

How descriptions are processed

System descriptions are sent to a large language model to generate your threat model. They are not used to train models and are not shared with third parties beyond the LLM processing necessary to provide the service.

Storage and retention

Data is stored on our servers with daily backups. Delete your account by emailing us — we remove your data within 30 days. We comply with India's DPDP Act and honor GDPR data-subject requests (access, export, erasure).

Cookies

Only first-party, functional cookies: your session and an anonymous demo identifier. No advertising or cross-site tracking cookies.

Contact

getdeaddictedllc@gmail.com