THRONE
See report Verify server

privacy policy

What we collect, and why.

Throne is a tool, not an ad network. We collect the minimum needed to run scans, prevent abuse, and bill customers. We do not sell your data, and there are no tracking or advertising cookies.

last updated 13 June 2026

What we collect

Verification submissions. When you create a public verification, you give us a target: an npm or PyPI package name, a GitHub repository URL, or a pasted MCP config. The target and the resulting evidence record are published in the public registry at usethrone.dev.

Network and usage data. We record the IP address a request comes from, along with timestamps and basic request metadata. We use the IP to enforce the public verification limit and to rate limit abuse. We do not use it to build a profile of you.

Customer keys. Paying customers receive an API key we issue. Payment card details are handled by our payment processor and are never stored on Throne's servers.

What we do not collect. There are no Throne accounts, passwords, advertising cookies, or third-party trackers. The website uses browser local storage only to remember a developer preview setting.

How we use it

To run the service, to keep it available and prevent runaway cost and abuse, to bill customers, and to improve how Throne works. That is the whole list.

Who processes it

We do not sell or rent your data. We rely on a small set of infrastructure providers that process data on our behalf: Render (hosting and database), Fly.io (the disposable scan sandbox), Vercel (this website), and Cloudflare (DNS and email routing). Billing is handled by our payment processor. Public registry records are visible to anyone, by design.

How long we keep it

Registry records are retained as the public, permanent registry. IP records used for the free-scan limit and abuse prevention are kept while they are needed for that purpose. You can ask us to correct or remove a record about a package using the challenge link on its page, or by emailing us.

Your choices

Email hello@usethrone.dev to ask what data we hold that is tied to you, or to request its deletion. We will respond within a reasonable time.

Security

Submitted servers run inside isolated, disposable microVMs that hold no secrets and are destroyed after every scan. Traffic to the site and API is served over HTTPS.

Changes and contact

We may update this policy as the product grows. The date at the top reflects the latest version. Questions about privacy go to hello@usethrone.dev.