Privacy Policy

Last updated: July 3, 2026

What we collect

Account email and name, a securely hashed password (never stored in plain text), license keys issued, and Stripe payment metadata for subscriptions. OAuth providers may share name and avatar.

What we don't collect

Expiry scans run locally or in your CI. We do not upload your source code to our servers.

Data storage

Account and license data is stored securely. You may request deletion by contacting support@expiry.dev.

Cookies

We use a session cookie (expiry_session) to keep you signed in.