How we handle your data

Minimal data, clear purpose

We collect only the data necessary to provide the service. When you submit a check, we receive the content you submit (URL, message text, or file), any context you add, and basic metadata such as submission time and your plan tier. We do not collect browsing history, device fingerprints, or data from outside your direct submission.

No credential collection — ever

MountainShield does not ask for and does not need your passwords, account credentials, PINs, or authentication tokens. If anyone claiming to be from MountainShield asks for your credentials, treat it as a phishing attempt and report it to us immediately.

How submissions are stored

Submissions are retained for a limited period (typically 30–90 days) for the purpose of fulfilling the service and any follow-up. After that period, submitted content is deleted unless you request otherwise or legal retention requirements apply. You can request deletion of your submission data at any time by contacting support.

Encryption and access control

All data is transmitted over TLS (HTTPS). Access to submission data is restricted to authorized personnel involved in review. We do not share submission content with third parties for marketing, advertising, or data brokering purposes.

Remote assistance — Premium only

Premium plan subscribers may request guided remote assistance sessions for incident response. These sessions require your explicit written consent before any remote access tool is used. Scope is limited to the specific incident being addressed, and sessions are time-bounded. You may terminate a session at any time. Remote assistance is only provided through our official support channel — we will never initiate unsolicited remote access requests.

Safe submission practices

When submitting suspicious items, follow these practices to protect yourself:

• Do not click suspicious links before submitting — paste the URL directly
• For suspicious files, do not open them on your primary device
• Do not share your passwords or account access with us — we do not need them
• If a file is too risky to handle, describe what you received and we will advise

Responsible disclosure

If you discover a security vulnerability in MountainShield's systems, we ask that you report it responsibly to support@mountainshield.example with "Security Disclosure" in the subject line. We will acknowledge receipt within 48 hours and work to address confirmed vulnerabilities promptly.

Your rights

EU users and others with applicable data rights may request access to, deletion of, or a portable copy of their personal data by contacting us. See our Privacy Policy for full details on your rights and how to exercise them.