Droptrap logo

Privacy Policy

Last Updated: 2025-12-24

1. Local-First Philosophy

Droptrap is built with a local-first philosophy. Unlike SaaS platforms, your domain watchlists, monitoring history, and hunting strategies are stored exclusively on your local machine. We do not have access to your data, and we do not transmit it to any external servers.

2. Data We Collect

We collect minimal data necessary to provide and improve the Droptrap service:

  • License Information: To authorize your purchase, we process your email and license key through our payment provider (Polar.sh).
  • Usage Analytics: We may collect anonymous, aggregated telemetry data regarding application crashes or performance bottlenecks to improve the software. You can opt-out of this in the settings.
  • WHOIS Queries: Droptrap communicates directly with Port 43 WHOIS servers or via your configured proxies. This traffic is direct from your machine; no intermediary server logs your queries.

3. Payment Processing

All payments are processed by Polar.sh, our Merchant of Record. When you make a purchase, Polar.sh collects and processes:

  • Payment Information: Credit card details, billing address, and payment method information
  • Contact Information: Email address for order confirmation and license delivery
  • Tax Information: Data necessary for VAT, GST, and sales tax compliance

This payment data is handled directly by Polar.sh and is subject to their Privacy Policy. We do not store your payment card details.

4. Data Retention

We retain your license and contact information for the duration of your license to provide support and manage your account. Anonymous usage analytics are retained for up to 24 months to identify trends and improve the software.

5. Security

Since your data is stored locally, its security depends on your device's security. We recommend using full-disk encryption and maintaining strong access controls on your workstation.

6. Third-Party Services

Droptrap integrates with external services if you choose to configure them (e.g., Slack Webhooks, SMTP servers). Any data sent to these services is subject to their respective privacy policies.

We use the following third-party services:

  • Polar.sh: Payment processing and license management
  • Anonymous Analytics: Crash reporting and performance monitoring (opt-out available)

7. Your Rights

Depending on your jurisdiction, you may have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Opt-out of analytics collection

To exercise these rights, contact support@droptrap.com.

8. Contact

If you have questions about this policy, please reach out to us at support@droptrap.com.