Privacy

Tanvrit Pvt. Ltd. does not collect, store, or transmit any information about the audits you run. This isn’t a marketing claim — it’s an architectural property of the software.

What happens when you run an audit

1. Your browser (or native app) fetches the target URL directly.
2. If the site allows, we additionally fetch /robots.txt and /sitemap.xml. In crawl mode, we follow internal links you discovered.
3. All parsing, scoring, and report generation happens on your device — in the WASM module (web) or the native app process.
4. Results live only in memory until you export them. Reloading the page drops them.

What we don’t do

• No analytics. No Google Analytics, no Plausible, no telemetry.
• No account system. We have no idea who uses this.
• No cookies beyond what your browser sets for itself.
• No “send us the URL you scanned” — ever.

Verify it yourself

Open your browser’s Network tab (or Little Snitch / Proxyman / Wireshark for native apps) and run an audit. The only outbound requests you’ll see are to the URL you entered. The marketing site (this page) is static HTML served from Cloudflare Pages — no tracking scripts of any kind.

Optional updates

The native apps can refresh the Retire.js vulnerability signature database monthly. That fetch goes to raw.githubusercontent.com, not our infrastructure, and you can disable it in Settings if you prefer.