Legal

Privacy Policy

Last updated: April 3, 2026

1. Introduction

Obfuscura ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PHP code protection platform and related services (the "Service").

2. Information We Collect

Account Information: When you register, we collect your name, email address, and password. If you subscribe to a paid plan, payment is processed by Stripe and we store your Stripe customer ID but never your full credit card number.

Project Data: We collect project names, license configurations, and encoding settings you create through the dashboard. We process your PHP source files for encoding but do not retain the original source code after encoding is complete.

License Validation Data: When your customers' applications validate licenses through our API, we receive the license key, domain name, IP address, and user agent string. This data is used to enforce license restrictions and is available in your dashboard analytics.

Usage Data: We automatically collect information about how you use the Service, including pages visited, features used, encoding frequency, and API call volume.

Technical Data: We collect browser type, operating system, IP address, and device information when you access the dashboard.

3. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Service
  • Process your PHP files for encoding (files are processed in memory and not stored after encoding)
  • Validate licenses on behalf of your customers
  • Process payments and manage subscriptions via Stripe
  • Send transactional emails (account confirmation, password reset, license alerts)
  • Provide customer support
  • Analyze usage patterns to improve the Service
  • Detect and prevent fraud, abuse, and security incidents

4. Source Code Handling

Your PHP source code is your intellectual property. When you upload files for encoding, they are processed in an isolated environment. The original source code is not stored after the encoded output is generated. Only the encoded (protected) version is retained for download. We cannot and do not access, read, or analyze the content of your source code.

5. Data Sharing

We do not sell your personal data. We share information only in these circumstances:

  • Payment Processing: Stripe processes your payments and receives necessary billing information
  • Legal Requirements: We may disclose information if required by law, subpoena, or legal process
  • Security: We may share information to investigate fraud, abuse, or violations of our Terms
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity

6. Data Retention

Account data is retained for the duration of your account plus 30 days after deletion. License validation logs are retained for the period specified in your plan settings (default: 90 days). Encoded files are available for download for 30 days after encoding; after that, they are permanently deleted. You can request immediate deletion at any time.

7. Data Security

We implement industry-standard security measures:

  • Encryption in transit (TLS 1.2+) and at rest
  • Secure password hashing (bcrypt)
  • Regular security audits and vulnerability scanning
  • Access controls and principle of least privilege
  • Isolated encoding environments

8. Cookies

We use essential cookies to maintain your session and authentication state. We do not use third-party tracking cookies or advertising pixels. Analytics data is collected server-side without third-party trackers.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your account and associated data
  • Export your data in a portable format
  • Object to or restrict certain processing activities
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at support@@obfuscura.com.

10. International Data Transfers

The Service is operated from the United States. If you access the Service from outside the United States, your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the dashboard at least 14 days before they take effect.

13. Contact

For questions or concerns about this Privacy Policy, contact us at: support@@obfuscura.com

Stop Losing Revenue to Unprotected PHP

14-day free trial. Full feature access. No credit card required. No server extensions to install.

Start Free Trial See Plans & Pricing