The short version
- You buy through Stripe Checkout. Card details never touch our servers; payment is handled by Stripe directly.
- License key arrives by email within seconds. The key is cryptographically signed and verifies offline against the public key built into the product.
- The product never calls home. No usage telemetry, no activation server, no internet connection required to keep running. Validate once at install, you're done.
- Lose the email? Re-derive on demand. Submit your purchase email at the recovery endpoint and we re-issue the same key - it's deterministic from your purchase.
- Download links are signed and valid for 7 days. Lose the link, request a fresh one. The underlying purchase is permanent.
What we don't do
- No data collection. We don't collect, store, or want your usage data. The product never sends us anything once it's on your machine.
- No usage tracking. Once the binary is on your machine it never reports back. We literally don't know if you're running it.
- No customer database to breach. Order history lives in Stripe; we look it up on demand. Nothing for an attacker to dump from us.
- No account required. One purchase, one email, one license key. Nothing to log into.
For the technically curious
Each license key is an Ed25519 signature over (product, email, session_id, issued_at). The product ships with the public half of the keypair, so verification is a few hundred bytes of code with no network round-trip. Re-running fulfillment is safe: the same purchase always derives the same key, so the recovery flow returns exactly what arrived in your original email.
Order history lives in Stripe; we don't keep a customer database. There's nothing to back up, nothing to migrate, and nothing for an attacker to exfiltrate from our infrastructure.
Questions about a purchase?
Email contact@cyberfrogsystems.com
with your order email and we'll dig in.