ToolProof Privacy Policy

Version: 1.0.0 Effective Date: 2026-05-05

This Privacy Policy explains what information ToolProof LLC ("ToolProof," "we," "us") collects when you purchase or use the ToolProof desktop application, what we do with it, and the choices you have. We've tried to keep this short and honest. If anything is unclear, email privacy@toolproof.dev (or support@toolproof.dev if the privacy address isn't yet set up) and we'll explain.

ToolProof currently sells only to customers in the United States.

1. What We Collect, and Why

We collect the minimum information needed to deliver and support your license. Specifically:

Data	Source	Why We Need It	Retention
Email address	You, at checkout	Deliver your license key, contact you about your license, respond to support requests	Life of the license; deleted on request
Name	Stripe checkout	Associate your license with your purchase, support communications	Life of the license; deleted on request
Machine ID (SHA-256 hash)	The Software, at activation	Bind your license to your computer; prevent license sharing	Life of the license
IP address at activation	License-activation server logs	Fraud prevention, abuse investigation	90 days, then deleted
Payment metadata (last-4 digits and card brand)	Stripe	Customer-service reference; refund handling	Life of the license
Support correspondence	You, when you email us	Respond to and follow up on your request	2 years from last contact

The Machine ID is a one-way SHA-256 hash derived from one or more hardware identifiers on your computer. It cannot be reversed to identify your specific hardware, and it is not used for tracking outside of license validation.

2. What We Do NOT Collect

We deliberately don't collect a lot of things you might expect a software vendor to collect. Specifically:

No analytics or telemetry in the desktop app. The Software does not send usage statistics, crash dumps, feature usage, or session data to us or to any third party.
No G-code content. Your G-code files are parsed entirely on your computer. Their contents are never transmitted to us.
No tool library content. Your tool libraries are read and analyzed locally and never leave your machine.
No usage tracking. We don't know which features you use, how often you launch the Software, or what files you open.
No "phone home" behavior other than the initial license activation and one-time-per-day license validation check, both of which transmit only your license key, machine ID hash, and your IP address.
No advertising IDs, no third-party trackers, no fingerprinting.

3. Third Parties

We use a small number of third-party service providers to operate ToolProof. Each is named below, with a link to its own privacy policy.

Stripe, Inc. — payment processing. We send Stripe your name, email, and purchase amount; Stripe collects your payment information directly. ToolProof never sees your full card number. Stripe's privacy policy: https://stripe.com/privacy.
Resend — transactional email delivery (license key emails, support replies, account notifications). We send Resend the recipient email address and the message contents. Resend's privacy policy: https://resend.com/legal/privacy-policy.
Netlify — hosting for our website and license-activation backend. Netlify processes the IP addresses and request metadata that come with normal web traffic. Netlify's privacy policy: https://www.netlify.com/privacy/.

We do not use any third-party analytics, advertising networks, social media tracking pixels, or marketing automation systems.

4. How We Use Your Information

We use your information only to:

Deliver your license key after purchase.
Bind your license to your computer and validate it on activation and on periodic validation checks.
Respond to your support requests.
Process refunds and handle payment disputes.
Investigate fraud, abuse, or violations of the EULA or Terms.
Send you legally required notices (e.g., material changes to this Policy or to the EULA).

We do not use your information for marketing without your separate consent, and we do not sell or rent your information to anyone.

5. Data Retention

We retain your license records (email, name, machine ID) for as long as your license is active, so that we can support you and validate your license. If you request deletion (see Section 7), we will deactivate your license and delete personal data within thirty (30) days, except where we are required by law to retain certain records (for example, tax records).

IP addresses associated with license activations are deleted after ninety (90) days.

Support email correspondence is retained for two (2) years from your last contact, then deleted.

6. Security

We use industry-standard practices to protect your data, including encryption in transit (TLS) for all network requests, encryption at rest for backend records, and access controls limiting who at ToolProof can view personal data. No system is perfectly secure, however, and we cannot guarantee absolute security. If we become aware of a security incident affecting your personal data, we will notify you as required by applicable law.

7. Your Rights

You have the following rights regarding your personal information:

Access. Request a copy of the personal data we hold about you.
Correction. Ask us to correct inaccurate information.
Deletion. Ask us to delete your personal data. Note: deleting your data will deactivate your license; the Software will no longer be licensed for your use.
Portability. Request a copy of your data in a portable format.
Complaint. Lodge a complaint with a data-protection authority where applicable.

To exercise any of these rights, email privacy@toolproof.dev (or support@toolproof.dev). We will respond within thirty (30) days. We may need to verify your identity before fulfilling certain requests.

California Residents (CCPA/CPRA)

Although ToolProof is a U.S.-national business and not specifically targeted at California, we honor the rights granted by the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA") for California residents. Specifically, if you are a California resident, you have the right to:

Know what personal information we have collected about you;
Request deletion of your personal information;
Request correction of inaccurate personal information;
Opt out of the sale or sharing of personal information — note: we do not sell or share personal information for cross-context behavioral advertising; and
Be free from retaliation for exercising your rights.

To exercise these rights, contact us at privacy@toolproof.dev. We do not knowingly discriminate against users who exercise their privacy rights.

8. Children

ToolProof is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

9. International Users

ToolProof currently sells only to U.S.-based customers. If you access the Software from outside the United States, you are doing so at your own initiative, and your information will be processed in the United States.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email to registered customers at the email address on file at least thirty (30) days before they take effect, or as soon as reasonably practicable for changes required by law. Non-material changes (for example, clarifications or formatting improvements) will be reflected by updating the version and effective date at the top of this Policy.

11. Contact

For privacy questions or to exercise any right described above:

ToolProof LLC Email: privacy@toolproof.dev (preferred) or support@toolproof.dev Web: toolproof.dev

End of Privacy Policy, version 1.0.0.