The short version: ThreatPulse does not collect, sell, or share your personal data. Your vendor stack and preferences are stored locally on your device. The app makes API calls to public government databases and an AI provider to deliver threat intelligence. No account required. No tracking.
01
Overview
ThreatPulse ("the app") is developed and operated by Kray Kray Studios, based in Ottawa, Canada. This Privacy Policy describes how ThreatPulse handles information when you use our iOS application.
We are committed to protecting your privacy. ThreatPulse is designed with a privacy-first approach — your data stays on your device, and we do not build profiles, run analytics, or sell data to third parties.
02
Data We Collect
ThreatPulse collects minimal data. The table below summarizes what is stored and where.
| DATA TYPE | WHERE STORED | SHARED? |
|---|---|---|
| Your first name (optional, for personalized greeting) | On-device only (UserDefaults) | Never |
| Your vendor stack selections | On-device only (UserDefaults) | Never |
| CVEs marked as confirmed patched | On-device only (UserDefaults) | Never |
| Bookmarked news articles | On-device only (UserDefaults) | Never |
| Daily threat score history | On-device only (UserDefaults) | Never |
| Intel AI chat messages | Sent to Groq API for processing, not stored | See §4 |
We do not collect your email address, phone number, location, device identifiers, or any other personally identifiable information.
03
Third-Party Data Sources
ThreatPulse fetches threat intelligence from the following public APIs. These calls are made on your behalf to deliver the app's core functionality.
| SERVICE | PURPOSE | DATA SENT |
|---|---|---|
| NIST National Vulnerability Database (NVD) | CVE data for your vendor stack | Vendor keyword search terms |
| CISA Known Exploited Vulnerabilities | Active exploitation alerts | None (public JSON feed) |
| RSS News Feeds (The Hacker News, Krebs, BleepingComputer, Dark Reading, others) | Cybersecurity news | None (public RSS feeds) |
NVD and CISA are operated by the U.S. federal government and are free public services. No personal data is transmitted to these services.
04
Intel AI Assistant
The Intel AI tab is powered by Groq, Inc., using the Llama 3.3 70B language model. When you send a message to the Intel AI assistant, your message is transmitted to Groq's API for processing and a response is returned to the app.
We recommend not including personal, confidential, or sensitive business information in your AI queries. Messages are processed by Groq in accordance with their privacy policy, available at groq.com.
ThreatPulse does not log, store, or review your Intel AI conversations. Chat history exists only in-app memory for the duration of your session and is not persisted between app launches.
05
Subscriptions & Payments
ThreatPulse Pro is available as an auto-renewing subscription managed entirely through Apple's App Store. All billing, payment processing, and subscription management is handled by Apple. Kray Kray Studios does not receive or store your payment information.
To manage or cancel your subscription, visit your Apple ID settings or the App Store subscriptions page.
06
Children's Privacy
ThreatPulse is intended for use by security professionals and is not directed at children under the age of 13. We do not knowingly collect any information from children. If you believe a child has provided information through the app, please contact us and we will take appropriate action.
07
Data Retention & Deletion
All data stored by ThreatPulse lives on your device in Apple's UserDefaults system. You can delete all app data at any time by uninstalling ThreatPulse from your device. This permanently removes your vendor stack, preferences, and all locally stored information.
Since we do not operate a server or account system, there is no remote data to delete.
08
Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated date. We encourage you to review this policy periodically. Continued use of ThreatPulse after changes constitutes acceptance of the updated policy.
09
Contact Us
If you have any questions or concerns about this Privacy Policy or how ThreatPulse handles data, please reach out: