Privacy Policy
Last updated: July 3, 2026
What we collect
Account email and name, a securely hashed password (never stored in plain text), license keys issued, and Stripe payment metadata for subscriptions. OAuth providers may share name and avatar.
What we don't collect
Expiry scans run locally or in your CI. We do not upload your source code to our servers.
Data storage
Account and license data is stored securely. You may request deletion by contacting support@expiry.dev.
Cookies
We use a session cookie (expiry_session) to keep you signed in.