ALCYONE SECURE / LEGAL—LAST UPDATED · APRIL 2026

Privacy
Policy.

Name: Black Box
Availability: InStock
Author: Alcyone Secure

Black Box is local-first by design. Your activity logs stay on your device and are never transmitted externally unless you explicitly enable cloud sync.

WE CANNOT READ YOUR LOGS · BY DESIGN

§ 01

What Information We Collect

Local Activity Logs

BlackBox records system events on your device when it is under observation — file access and modification timestamps, process execution records with command lines, network connection attempts, USB device connections, PowerShell script blocks executed during a session, critical registry key changes, browser window titles, and system configuration changes. These logs stay on your device by default.

Installation Information

When you install BlackBox, we may collect device type, operating system version, installation timestamp, and registration email — used only for license validation and support.

Support & Diagnostics

If you contact us for support, we collect your communication, contact information, and (with your consent) system diagnostics to troubleshoot issues.

§ 01b

What BlackBox Never Captures

KeystrokesBlackBox never records keystrokes. It does not know what you type.
Clipboard contentBlackBox never reads or stores clipboard contents.
Screen pixelsBlackBox does not capture screenshots or screen recordings.
Full URLsOnly browser window titles are captured, never URLs or page content. A title identifies a site; the URL reveals the exact path.
Document contentsBlackBox logs that a file was opened, not what the file contains.
Command outputOnly the command line itself is captured, never the output of that command.
PowerShell command outputOnly the script block that was executed is logged, not the results it produced.
General registry contentsOnly changes to a curated list of ~18 security-critical keys are watched. User preferences, browser profiles, and application settings are not monitored.
Private/incognito page contentPrivate browsing sessions are logged as ‘private browsing occurred’ with no title or URL content.

§ 02

How We Use Your Information

License ManagementTo validate your license and ensure compliance with our terms.
Product ImprovementAggregate, anonymised analytics help us improve BlackBox.
SecurityTo prevent abuse and detect fraudulent activity.
Customer SupportTo respond to your inquiries and provide technical assistance.
Legal ComplianceTo comply with applicable laws and regulations.

§ 03

Data Storage & Architecture

Local-First by Default — Activity logs are stored exclusively on your device using AES-256-CBC encryption. No logs are transmitted to cloud servers unless you explicitly enable cloud sync.

Encryption

All stored activity data uses AES-256-CBC encryption with SHA-256 integrity verification via hash chain.

Retention

Activity logs are retained according to your configuration settings. You have full control over deletion and export of your logs.

§ 04

Cloud Sync (Optional)

BlackBox does NOT transmit data to the cloud by default. If you choose to enable cloud sync:

End-to-end encryptionActivity logs are encrypted client-side before transmission (AES-256-GCM). Our servers receive only ciphertext.
Your controlYou control when and what data is synced and can revoke cloud access at any time.
DeletionCloud-stored data is deleted when your account is deleted.

§ 05

Your Rights

AccessYou can view all activity logs stored on your device.
ExportYou can export your logs in standard formats (JSON, CSV).
DeleteYou can delete logs at any time.
DisableYou can disable activity recording by uninstalling BlackBox.
Request deletionContact us to request deletion of your account data.

§ 06

Third-Party Sharing

We do not sell your data. Your activity logs are never shared with third parties except:

Legal processWhen required by law enforcement with valid legal process.
SecurityWhen necessary to prevent fraud or security threats.
Your consentWith your explicit written consent.

§ 07

DPDP Act (India) & International Compliance

Regulatory alignment

Alcyone Secure aligns with the Digital Personal Data Protection Act 2023 (India), GDPR (EU), CCPA (USA), and other data-protection frameworks. These policies ensure your data rights are protected.

Important note

BlackBox software alone does not guarantee compliance with data-protection regulations. Your organisation remains responsible for compliant implementation and audit workflows.

§ 08

Updates to This Policy

We may update this Privacy Policy from time to time. Significant changes will be announced through email or a prominent notice on our website. Your continued use of BlackBox constitutes acceptance of updated policies.

§ 09

Contact Us

SECURITY CONCERNSsecurity@alcyonesecure.com
PRIVACY INQUIRIESprivacy@alcyonesecure.com
DATA REQUESTSsupport@alcyonesecure.com
GENERAL SUPPORTsupport@alcyonesecure.com

PrivacyPolicy.