Privacy Policy

IP address of incoming requests to our web, API, feed, and MCP endpoints.

Request path and query string (for example, search terms, filter parameters, and tool request parameters sent in URLs).

Standard HTTP metadata normally present in web server or application logs (for example method, status code, timestamp, and user agent).

Mobile app preferences such as theme selection, recent searches, selected AI provider, saved MCP endpoint, and selected Ollama model are stored locally on the device.

User-provided Anthropic API keys and Ollama Cloud API keys are stored locally on the mobile device when a user chooses to enable Ask EIP. These keys are not bundled into the app at build time.

Ask EIP prompt text and conversation context are sent to the AI provider selected by the user when the user chooses to use Ask EIP.

Ask EIP tool traffic may send tool inputs and related request metadata to the hosted Exploit Intelligence MCP endpoint when tool-backed answers are used.

Operate and secure the platform.

Return search results, detail pages, feeds, and tool-backed mobile app responses requested by the user.

Detect abuse, scraping, and automated attacks.

Troubleshoot errors and performance issues.

Store mobile app preferences and user-provided provider credentials locally on-device so optional Ask EIP features can work.

Server-side request logs, including IP addresses and query strings, are retained for no longer than 14 days, then removed in normal log rotation or cleanup.

Mobile app preferences and user-provided provider credentials remain on the device until the user clears them in the app, clears app storage, or removes the app.

Direct requests to third-party AI providers are handled by the provider selected by the user. Retention and usage at those providers are governed by that provider's own terms and privacy policy, not this site policy alone.

Ask EIP is optional. The core search, feed, vulnerability, and exploit views do not require an AI provider.

If a user enables Ask EIP, the user selects the provider and supplies the provider credential directly in the mobile app.

The current mobile build supports Anthropic API on Android and Ollama Cloud through direct cloud access.

When Ask EIP uses hosted MCP tools, tool inputs and related request metadata may reach Exploit Intel infrastructure as part of the requested tool call.

We do not use Ask EIP to run exploits, scan targets, deliver payloads, or perform offensive automation.

No tracking cookies and no advertising cookies.

No ad tech, no data brokerage, and no third-party behavior profiling.

We use Cloudflare Web Analytics for aggregate traffic statistics. It does not use cookies, does not track you across sites, and does not profile individual users.

Cloudflare may set a short-lived security cookie (__cf_bm) for bot protection. It is strictly functional and expires after 30 minutes of inactivity.

We do store your selected color theme in browser local storage so the site keeps your preferred appearance.