Privacy Policy
Effective March 26, 2026
Barracade is a desktop security application built by Barracade Technology. This policy covers what we collect when you use barracade.com or the desktop app, what we do with it, and your rights.
1. Information we collect
Account information
When you create an account, we collect your email address and an optional name. Passwords are hashed with bcrypt before storage.
Payment information
Payments are processed by Stripe. We do not receive or store your credit card number, CVV, or banking details. Stripe transmits a confirmation of payment completion, which we use to activate your license. Your payment details are governed by Stripe's Privacy Policy.
License and purchase data
We store your license key, purchase date, and licensed email address. This is required to validate your license when you activate the desktop app.
Usage data
We use Vercel Analytics and Speed Insights to collect anonymous, aggregated page view and performance data. This data does not include personally identifiable information and is used to improve the website.
Scan data
All security scans, analyses, and reports generated by the Barracade desktop app run locally on your machine. Scan results are not transmitted to our servers.
2. How we use your information
- To create and manage your account
- To issue and validate your software license
- To process your payment through Stripe
- To send transactional emails (purchase confirmation, license delivery)
- To respond to support inquiries
- To detect and prevent fraud and abuse
We do not sell your data. We do not use your information for advertising. We do not share your information with third parties except as described below.
3. Third-party services
4. Data retention
Your account and license data are retained for as long as your account exists. If you request account deletion, we remove your personal data within 30 days, subject to our obligation to retain certain records for legal and accounting purposes (typically 7 years for payment records).
5. Security
Passwords are hashed with bcrypt (cost factor 12). All communication with barracade.com uses TLS. Access to account data is restricted to authenticated sessions. We do not store payment card data on our servers.
6. Your rights
Depending on where you reside, you may have rights to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and personal data
- Request a copy of your data in a portable format
- Object to certain processing
To exercise these rights, email security@barracade.com.
7. Cookies
We use a single session cookie set by NextAuth to keep you signed in. This cookie is strictly necessary for authentication and is not used for tracking. It expires when your session ends or after 30 days. We do not use advertising or analytics cookies.
8. Changes to this policy
We may update this policy from time to time. We will post the new policy here with an updated effective date. Continued use of Barracade after changes take effect constitutes acceptance of the updated policy.
9. Contact
Questions about this policy or your data can be sent to security@barracade.com.