Silent Install HQ

Privacy Policy

Last updated: 2026-06-15

1. Overview

Silent Install HQ ("we", "us") operates app.silentinstallhq.com (the "Platform"). This policy explains what data we collect when you use the Platform, how we use it, and your rights regarding it. We have designed the Platform to collect as little personal data as possible.

2. What We Collect

Installer submissions

When you upload an installer binary, we compute and store a SHA-256 hash of the file along with derived metadata: product name, version, publisher, silent install switches, detection rules, file size, and architecture. The binary itself is deleted from our servers immediately after analysis completes. If the installer cannot be identified by our detection engine, the binary may be retained in secure storage for up to 7 days to enable administrator review, after which it is permanently deleted.

Submission identifiers

Each submission is associated with a pseudonymous identifier derived from your API key or session token. We never store your raw API key or any directly identifying information alongside submission records.

API key usage

If you use the API, we record the date and request count per key for rate limiting and quota enforcement. We store a SHA-256 hash of your key — the raw key is never stored after issuance.

IP addresses

IP addresses are used to enforce rate limits on unauthenticated requests. They are processed in memory and are not written to persistent storage in the normal operating path. Server infrastructure (Railway) may retain standard access logs independently.

What we do not collect

  • No user accounts or passwords
  • No names or email addresses from Platform visitors
  • No payment information (handled externally if applicable)
  • No cross-session tracking or behavioral profiling
  • No installer binaries retained beyond the analysis window, except unrecognized installers held for up to 7 days for admin review

3. How We Use It

  • To analyze submitted installers and populate the knowledge graph
  • To enforce per-key and per-IP rate limits
  • To attribute submissions pseudonymously for quota tracking
  • To operate and improve the Platform

We do not sell data, share it with advertisers, or use it for any purpose unrelated to operating the Platform.

4. Data Retention

Installer binaries are deleted immediately after analysis. Exception: if an installer cannot be identified by our detection engine, the binary is retained in secure storage for up to 7 days for administrator review, then permanently deleted. Derived metadata (hashes, switches, detection rules) is retained indefinitely as part of the knowledge graph — it is the core product.

API key usage records are retained for 90 days for billing and quota purposes, then deleted. Pseudonymous submission identifiers are retained with the metadata record but cannot be reverse-mapped to an individual without the original API key.

5. Third-Party Services

The Platform uses the following third-party services that may process data on our behalf:

  • Railway — application hosting. Standard server access logs may be retained per Railway's own policy.
  • Supabase — managed PostgreSQL database hosting. Installer metadata is stored here.
  • Google Fonts / Tailwind CDN — loaded by the browser when you visit the Platform. These services may log your IP address per their own privacy policies.

We do not transmit installer binaries or submission metadata to any third-party service except as described above.

6. Cookies

The Platform does not set cookies for regular visitors. No tracking or analytics cookies are used.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or request deletion of personal data we hold about you. Because we do not collect names or email addresses from Platform visitors, most requests will relate to API key usage records.

To exercise any rights or ask questions about your data, contact us at legal@silentinstallhq.com.

8. Security

API keys are hashed before storage and never retrievable after issuance. Connections to the Platform use TLS. Access to the database is restricted to the application layer. We do not guarantee absolute security but take reasonable measures appropriate to the sensitivity of the data we hold.

9. Changes

We may update this policy from time to time. Material changes will be noted by updating the "Last updated" date above. Continued use of the Platform after changes are posted constitutes acceptance.

10. Contact

Privacy questions or data requests: legal@silentinstallhq.com