Privacy Policy

Privacy first by design.

Effective June 2, 2026. is419 is operated from Alberta, Canada and is designed to help people analyze suspicious content while minimizing long-term data retention.

Privacy First: is419 is designed to analyze content without maintaining a permanent database of your scans.

Information We Collect

You may submit screenshots, pasted messages, conversation text, selected scan context, and an optional email address if you ask us to send you a report. We also process technical metadata such as request time, approximate client network identifiers, browser-provided headers, and security events.

How We Use Information

We use submitted content to generate scam, manipulation, impersonation, fraud, and trust-risk reports. We use limited metadata to operate the service, prevent abuse, debug failures, secure the platform, and respond to support or privacy requests.

AI Processing

Submitted content may be sent to AI service providers to produce an informational risk assessment. is419 instructs providers not to store scan content for model training where provider controls allow. AI outputs are probabilistic and should be independently verified.

Data Retention

Submitted content is processed transiently to generate a report and is not stored in a permanent user database. Abuse-prevention metadata, such as hashed client identifiers, hashed duplicate fingerprints, hashed email report signals, counters, and cooldown markers, may be retained for up to 30 days. Operational logs are retained only as required for security, debugging, reliability, and legal compliance. Email delivery records are retained only as operationally necessary by is419 and its email delivery provider.

Security

We use server-side API keys, request size limits, input validation, image type checks, hashed abuse signals, rate limits, cooldowns, privacy-safe logs, and least-retention practices. No security system is perfect, but is419 is built to reduce unnecessary exposure.

Third-Party Services

is419 may use infrastructure, AI analysis, email delivery, analytics, logging, hosting, and Redis-compatible storage providers. These services process data only as needed to provide, secure, measure, or improve the platform. We do not sell personal information.

International Data Transfers

Submitted content and operational metadata may be processed by service providers outside Canada, including in the United States. Current providers may include OpenAI for AI processing, Vercel for hosting, Upstash for Redis-compatible abuse-prevention storage, and Resend for report email delivery, or equivalent providers performing similar functions.

Analytics Usage

Analytics, if enabled, are used to understand aggregate product usage, reliability, and abuse trends. We do not use analytics to build permanent profiles from scan content.

Children's Privacy

is419 is not directed to children under 16 years old and should not be used by minors. If you believe a child submitted personal information, contact us so we can review and remove applicable information where possible.

Canada Privacy Rights

Under Canadian privacy laws, including PIPEDA where applicable, you may request access to personal information we hold about you, request correction of inaccurate information, ask questions about our privacy practices, and make a privacy complaint. Because is419 minimizes retention and does not keep a permanent scan database, some submitted content may no longer exist when a request is received.

GDPR Rights

Where the GDPR applies, you may have rights to access, deletion, correction, portability, restriction, and objection. Our lawful bases may include providing the service you request, legitimate interests in security and abuse prevention, consent where requested, and compliance with legal obligations.

California Rights

Where California privacy laws apply, you may have rights to know, delete, and correct personal information, and to limit or opt out of certain uses. is419 does not sell personal information.

Security Incidents

If we determine that a security incident creates a legal notification obligation, we will provide notices as required by applicable law. We may also take steps to investigate, contain, remediate, and prevent similar incidents.

Accountability

Privacy Officer: is419support@zerionai.ca. You can contact the Privacy Officer with access, correction, deletion, complaint, or data-handling questions.

Contact Information

Privacy requests can be sent to is419support@zerionai.ca. Please do not include sensitive passwords, payment details, or unnecessary third-party personal information in your request.

Changes to This Policy

We may update this policy as is419 evolves. Material changes will be reflected on this page with updated language. Continued use of the service after updates means the current policy applies.