Coming SoonHijackShield is launching soon. Sign up for early access

Privacy Policy

Last updated: June 2026

AiTM Security LLC ("AiTM Security," "we," "our," or "us") operates the HijackShield browser security product and the hijackshield.ai website. This Privacy Policy explains how we collect, use, and protect information when you use our products and services.

1. Our core privacy principle

HijackShield is designed with privacy at its foundation. Detection and scoring run entirely on your device — no page content, browsing data, or credentials are ever sent to AiTM Security servers. We do not operate a cloud detection service. We do not collect or store your browsing history, page content, form inputs, or credentials.

In this policy, the terms "collect," "collection," and "share" refer to the transmission of data from your device to AiTM Security or to any third party. Processing that occurs entirely on your own device — including communication between the HijackShield browser extension and the HijackShield Agent installed on the same machine over the loopback interface (127.0.0.1) — is on-device processing, not collection. AiTM Security has no access to data that is only processed on your device.

2. What the browser extension does

The HijackShield browser extension analyzes web pages locally in your browser to detect phishing threats. All analysis happens on your device. The extension does not transmit page content, URLs, or detection signals to AiTM Security or to any other external service.

To evaluate a page, the extension passes signals derived from it — including the URL, domain, and structural DOM indicators — to the HijackShield Agent installed on the same device, over the loopback interface (127.0.0.1:8787). The loopback interface is not network-routable; data sent to it cannot leave your machine. AiTM Security does not receive, log, or otherwise have access to this data.

3. What the Go agent does

The HijackShield Agent runs locally on your device and performs scoring, policy evaluation, and optional enterprise integrations. The agent stores the following data on your local device only:

Stored locally

Device identity (hostname, a locally generated device ID), SIEM integration configuration (if configured by your organization), detection history (stored in the browser extension's local storage), and a retry queue for SIEM events that failed to deliver.

Sent to your organization's Azure tenant (enterprise only)

If your organization configures the optional Microsoft Sentinel SIEM integration, detection events are forwarded from the local agent to your organization's own Azure Log Analytics workspace. This data flows directly from your device to your organization's Azure tenant — it does not pass through AiTM Security infrastructure. AiTM Security does not have access to your organization's Sentinel data.

4. What the website collects

The hijackshield.ai website uses Cloudflare Web Analytics, which collects anonymous, aggregated usage data without cookies and without collecting personal information. We do not use Google Analytics or any other third-party tracking service.

If you contact us via email or a contact form, we retain your message and email address for the purpose of responding to your inquiry.

5. Account and payment data

If you purchase a HijackShield subscription, payment processing is handled by Stripe. We do not store credit card numbers or payment method details on our servers. Stripe's privacy policy governs the handling of your payment information. We retain your email address, organization name, and subscription details for license management and billing purposes.

6. What we do not collect

We do not collect, store, or have access to:

Your browsing history or the URLs you visit. The content of web pages you view. Credentials, passwords, or form inputs you enter. The content of your emails. Your organization's Microsoft Sentinel data. Any personal data beyond what is necessary for account management and billing.

While the HijackShield Agent on your device processes URLs and page indicators locally to evaluate them for phishing threats, this processing happens entirely on your machine. We do not receive this data and cannot reconstruct your browsing activity.

7. Data sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share information only in the following circumstances: with Stripe for payment processing, with legal authorities if required by law, or to protect the rights and safety of AiTM Security and its users.

8. Data security

The HijackShield Agent stores SIEM credentials (OAuth2 client secrets, bearer tokens) with restrictive file permissions on your local device. These credentials are never stored in the browser extension or sent to AiTM Security. The browser extension communicates only with the local agent at 127.0.0.1:8787 — it never makes outbound calls to AiTM Security or any other external service for detection purposes.

9. Data retention

Detection history is stored locally in the browser extension and retained according to your configured retention period (default: 30 days). SIEM retry queue events are retained locally for up to 24 hours. Account and billing data is retained for the duration of your subscription and for a reasonable period afterward for legal and accounting purposes.

10. Your rights

Because HijackShield processes detection data locally on your device, most of your data is under your direct control. You can clear your detection history from the extension dashboard, uninstall the extension and agent to remove all local data, and contact us to request deletion of any account or billing data we hold.

11. Children's privacy

HijackShield is not directed to children under 13. We do not knowingly collect personal information from children under 13.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of HijackShield after changes constitutes acceptance of the updated policy.

13. Contact us

If you have questions about this Privacy Policy or our data practices, contact us at privacy@hijackshield.ai.

AiTM Security LLC
Georgia, USA