1. Information we collect
We may collect account email addresses, authentication events, API keys, scan requests, package specifications, usage metrics, billing identifiers, support messages, and technical logs needed to operate and secure the service.
2. Package and scan data
PkgRadar is designed for static package analysis. Public registry package names, versions, metadata, and derived candidate intelligence may be processed and displayed publicly. Private account usage and API activity are used to provide the service and enforce quotas.
3. How we use information
We use information to authenticate users, operate scans and CI gates, maintain campaign intelligence, process payments, prevent abuse, improve reliability, and communicate about the service.
4. Service providers
We may use providers for infrastructure, email delivery, analytics, payments, logging, and security. These providers process information on our behalf according to their service terms and privacy commitments.
5. Security
We use technical and organizational safeguards intended to protect service data. No system is perfectly secure, and you are responsible for protecting your own API keys, sessions, and CI secrets.
6. Retention
We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security or audit records.
7. Your choices
You may request access, correction, deletion, or export of applicable personal information by contacting Zenofex LLC. Some information may be retained where required for security, legal, or operational reasons.
8. Operator
PkgRadar is operated by Zenofex LLC. Company information is available at zenofex.com.