Last Updated: December 27, 2025
Vigilcap ("we," "us") provides technical due diligence services. We understand that Source Code is the most valuable asset in an M&A transaction. This policy outlines our strict "Zero-Retention" data handling practices.
Our core scanning engine runs locally on the user's infrastructure. We do not upload source code files to our cloud servers for analysis.
Any data processed during the scan exists in volatile memory (RAM) only for the duration of the audit. It is discarded immediately upon report generation.
We recognize that Source Code is a highly sensitive asset. To ensure maximum security and intellectual property protection, Vigilcap adheres to the following strict data minimization protocols:
Our proprietary scanning engine operates locally on the user's infrastructure. We do not upload, store, or retain your raw source code files on our servers.
Any data processed during the audit exists in volatile memory (RAM) only for the duration of the scan session. It is permanently discarded immediately upon the generation of the PDF Report.
We explicitly warrant that we do not use any Client source code, proprietary algorithms, or trade secrets to train, fine-tune, or improve our artificial intelligence models. Your IP remains yours.
The only data transmitted to Vigilcap is the final PDF Report and the cryptographic metadata (SHA-256 hash) required for report verification.
We collect standard billing information (Name, Email, Payment Method) via our Merchant of Record (Lemon Squeezy).
We employ industry-standard encryption (TLS 1.2+) for all report transmissions. However, no method of transmission over the Internet is 100% secure.