Privacy & Data Handling Notice

ArtifactPilot Privacy & Data Handling Notice
Effective Date: May 22, 2026
Version: 1.3
Publisher: NH Media LLC

This notice summarizes how ArtifactPilot is designed to handle data. It supplements the ArtifactPilot End User License Agreement, product documentation, and any marketplace or merchant-of-record terms that apply to your purchase.

1. Local-first design

ArtifactPilot is designed to scan and clean developer workspaces locally on your computer. By default, ArtifactPilot does not need to upload your source code, file contents, scan results, cleanup candidate list, workspace paths, cleanup manifests, or project files to NH Media LLC to perform local scanning and cleanup.

2. Local files created by ArtifactPilot

ArtifactPilot may create local settings, activity logs, CSV reports, JSON cleanup manifests, license records, and configuration files on your computer. These files are intended to help you review scans, cleanup previews, completed cleanup actions, and license status.

3. License activation and validation

Some commercial builds may require online license activation or validation. During activation or validation, ArtifactPilot may transmit information necessary to validate a license, such as license key or purchase code, product identifier, application version, activation status, timestamp, and a pseudonymous machine identifier.

To enforce license limits, ArtifactPilot may generate a unique pseudonymous machine identifier from local device and operating-system attributes, such as hostname, platform information, machine architecture, and operating-system username. Current builds hash these values before using the identifier for activation. The standard activation identifier sent by ArtifactPilot is the hashed identifier rather than the raw source values.

For CodeCanyon/Envato purchase-code validation, ArtifactPilot may send the purchase code and hashed machine identifier to an NH Media LLC-controlled verification endpoint, which may then verify the purchase with Envato/CodeCanyon systems. Envato seller credentials should remain server-side and should not be embedded in the desktop app.

Third-party licensing providers, marketplaces, merchant-of-record services, payment processors, or support systems may process purchase, billing, refund, tax, account, activation, and license-instance information under their own terms and privacy policies.

4. Payments

ArtifactPilot does not process payment-card information locally. Payment-card data, billing addresses, taxes, refunds, chargebacks, and receipts are handled by the marketplace, merchant of record, reseller, or payment processor used for the purchase, such as Lemon Squeezy, CodeCanyon/Envato, Gumroad, or another listed provider.

5. Support

If you contact support, you may choose to provide logs, screenshots, reports, manifests, license details, or other information. Do not send source code, secrets, credentials, private keys, protected health information, client data, or other sensitive files unless specifically requested and appropriate.

6. Safety note

ArtifactPilot's logs and manifests may include local file paths and names. Treat exported reports and manifests as potentially sensitive because path names can reveal project names, usernames, client names, technology stacks, or internal system structure.

7. Contact

For privacy questions, use the contact method listed on the ArtifactPilot product page, invoice, marketplace listing, purchase receipt, or documentation.