Skip to main content

CyberMind CLI

Legal

Privacy Policy

Effective date: April 9, 2026

1. Who we are

CyberMind CLI ("CyberMind", "we", "us") is an AI-powered offensive security CLI tool and SaaS platform operated by Chandan Pandey. Our website is located at https://cybermind.thecnical.dev.

2. Data we collect

We collect the minimum data necessary to operate the service:

  • Account data: email address, full name (optional), and hashed password managed by Supabase Auth.
  • API keys: stored as SHA-256 hashes only — the plaintext key is shown once at creation and never stored.
  • Usage data: request counts per day/month, endpoint accessed, and IP address of the request — used for plan enforcement and abuse prevention.
  • Payment data: PayU transaction ID and payment status. We never store card numbers, CVVs, or bank details — these are handled entirely by PayU.
  • Contact form submissions: name, email, company (optional), subject, and message — stored for up to 365 days.
  • CLI local data: chat history is stored locally on your machine at ~/.cybermind/history.json. We do not have access to this file.

3. How we use your data

  • To authenticate you and manage your account session.
  • To enforce plan limits (daily request quotas, device limits).
  • To process payments and upgrade your plan after a successful transaction.
  • To respond to support and contact form requests.
  • To detect and prevent abuse, fraud, and unauthorized access.
  • To comply with legal obligations.

We do not sell your data. We do not use your data for advertising profiling.

4. Data storage and retention

  • Account and profile data: retained while your account is active.
  • Usage logs: automatically purged after 90 days.
  • Contact submissions: automatically purged after 365 days.
  • API key hashes: retained until you revoke the key or delete your account.

Data is stored on Supabase (PostgreSQL) hosted on AWS infrastructure. Backups are managed by Supabase according to their data retention policies.

5. Third-party services

We use the following third-party services that may process your data:

  • Supabase — authentication and database (supabase.com)
  • Vercel — frontend hosting (vercel.com)
  • Render — backend hosting (render.com)
  • PayU — payment processing (payu.in)
  • AI providers — prompts are sent to AI providers (Groq, Mistral, etc.) for processing. Prompts are processed statelessly and are not stored by us.

Each provider operates under their own privacy policy and data processing agreements.

6. Cookies and tracking

We use minimal cookies necessary for session management and authentication. We may use Google Analytics for aggregate traffic analysis. You can manage cookie preferences via the cookie consent banner.

We do not use tracking pixels, fingerprinting, or cross-site tracking.

7. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access: request a copy of your personal data.
  • Rectification: correct inaccurate data via your dashboard settings.
  • Erasure: delete your account and all associated data via DELETE /auth/account or by contacting us.
  • Portability: request your data in a machine-readable format.
  • Objection: object to processing for legitimate interests.

To exercise these rights, contact us at mrabhaygod12@gmail.com.

8. Security

We implement industry-standard security measures including:

  • API keys stored as SHA-256 hashes (never plaintext)
  • All data in transit encrypted via TLS 1.2+
  • Row-Level Security (RLS) on all database tables
  • JWT verification on every authenticated request
  • HMAC-SHA256 webhook signature verification

No system is 100% secure. If you discover a security vulnerability, please report it to mrabhaygod12@gmail.com.

9. Children

CyberMind is not directed at children under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us immediately.

10. Changes to this policy

We may update this policy as the service evolves. Material changes will be communicated via email or a notice on the website. Continued use after changes constitutes acceptance.

11. Contact

For privacy-related questions or requests:

Email: mrabhaygod12@gmail.com

Website: https://cybermind.thecnical.dev/contact