DRM3
Stack Intelligence ALPHA

Privacy notice

Plain language. What we collect and what we do not. Effective 2026-04-18.

What we collect about you

When you use RunsWith we log the following to operate the service, apply rate limits, and prevent abuse:

  • Your API key identifier (so we know which key issued a request).
  • Your IP address (for rate limiting, abuse detection, and security).
  • Query logs: the endpoint you called, the parameters, the timestamp, the HTTP status, the response size.
  • Session cookies if you sign in through the web UI. The cookie holds a signed JWT with your key identifier and a display name.

What we do not collect

RunsWith analyzes infrastructure, not people. We do not collect personal data about the domain subjects we fingerprint. We do not attempt to identify, profile, or reach out to individuals connected to the domains in the dataset. We do not sell or share firmographic, demographic, or behavioral data about domain owners or their customers, because we do not have it.

Cookies

We set one cookie: a session JWT used to keep you logged in. It expires when you sign out or when it ages out. We do not set advertising cookies, analytics cookies, or third-party cookies.

Retention

Query logs are retained for 30 days and then deleted. Session cookies live in your browser for the JWT lifetime and are discarded on sign-out. Your API key metadata is retained while the key is active and for a reasonable audit window after revocation.

How the data is used

Only for service operation. Specifically:

  • Rate limiting and quota enforcement.
  • Abuse detection and mitigation.
  • Aggregate usage metrics (total requests, error rates, top endpoints) in anonymized form, for internal capacity planning.
  • Debugging your reports, when you open one.

We do not sell your usage data. We do not use it for advertising.

Who we share with

No third-party data sharing for marketing or advertising. We use Cloudflare to operate the service, which means Cloudflare processes requests on our behalf as an infrastructure provider. If law enforcement compels disclosure with a valid legal order, we will comply to the extent required.

Deletion and data access

To request deletion of your query logs, session records, or API key, email privacy@drm3.io from the address associated with your account. We will confirm the request and act on it within a reasonable window.

Children

RunsWith is not intended for anyone under 16. Do not use it if you are under 16.

Changes

We may update this notice during alpha. Material changes will be surfaced on the login page and in the dashboard.

Contact

Privacy questions or deletion requests: privacy@drm3.io.

DRM3 Labs Corp. Wilmington, Delaware, United States.