CYBER3.AI — Privacy Policy

Last updated: 22 June 2026

CYBER3.AI ("the app") is a mobile and desktop security application — AI Protection from Malware & Scams. We are built around a simple principle: your data stays on your device. This policy explains what limited information the app processes.

What we DO NOT collect

• We do not require an account, name, email or login to use the app.
• We do not sell, rent or share your data with advertisers.
• We do not upload the content of your messages, files, contacts, photos or browsing.
• We do not show ads or use third-party advertising/tracking SDKs.

How threat checks work (privacy by design)

Checks happen on your device first. When the app needs to confirm whether something is a known threat, it uses k-anonymity — it never sends the actual item you checked:

• Links / domains / files: the app computes a SHA-256 hash locally and sends only the first 4 hex characters of that hash to our edge servers to retrieve candidate matches. The full link, domain, message or file never leaves your device.
• Password check: uses the same k-anonymity model — the app computes a SHA-1 hash of the password locally and sends only the first 5 hex characters to a breach-data service. Your password is never transmitted.

Device & PC security scan

The phone/computer security scan reads device security settings and installed applications locally to compute a security score and find risks. Results stay on your device. Nothing from the scan is uploaded to us.

Crowdsourced reports (optional)

If you tap "Report", the app sends only the single indicator you chose to report (for example a suspicious domain or URL) plus an approximate country derived from your IP, so our analysts can improve protection for everyone. No personal information is attached.

Data we receive

• Anonymous hash prefixes for threat lookups (as above), processed via Cloudflare.
• Standard, short-lived server logs (IP address, timestamp) used only to operate and protect the service against abuse. We do not build user profiles from them.

Payments & subscriptions

If you buy a paid subscription, payment is processed by our authorized reseller and Merchant of Record, Paddle (Paddle.com Market Ltd), which is the seller of record and handles billing, taxes and invoicing. Paddle processes your payment and billing details (such as name, email, billing country and card information) under its own privacy policy. We never receive or store your full card details. We receive only the limited information needed to activate and support your subscription (for example your purchase email and subscription status). See our Refund & Cancellation Policy and Paddle's Privacy Policy.

Children

The app is not directed to children under 13 and does not knowingly collect their data.

Changes

We may update this policy; the "last updated" date will change accordingly.

Contact

Questions about privacy: [email protected]

CYBER3.AI — AI Protection from Malware & Scams.