Security Whitepaper

1. Overview

SkarpTech is committed to building software that respects your privacy and protects your data. This whitepaper outlines our security architecture, data handling practices, and the measures we take to ensure OCTOM operates securely on your system.

2. Data Collection

We do not collect:

• Telemetry data or usage analytics
• Input sequences or machine configurations
• Personal identifiers or behavioral patterns
• System information or hardware fingerprints

The only data that leaves your system is the minimal information required for license activation (HTTPS encrypted), which includes your license key and activation timestamp.

3. Local Storage

OCTOM stores all data locally on your machine using JSON/BSON serialization. Your input sequences, configurations, and preferences never leave your system. License keys are stored encrypted and are only validated during activation.

4. Network Communication

OCTOM operates entirely offline. The only network communication occurs during license activation, which uses HTTPS to securely validate your license key. No other outbound connections are made.

5. Third-Party Services

Paddle: Handles payment processing. We receive only transaction confirmation and license key generation, no payment details are stored on our servers.

hCaptcha: Used for bot protection on public download pages. Only verifies human interaction, no personal data is collected.

6. Source Code Transparency

OCTOM utilizes open source components which are fully credited in our Software page. We believe in transparency and welcome community review of our security practices.

7. Vulnerability Reporting

If you discover a security vulnerability in any SkarpTech product, please contact us at security@skarptech.com. We take all reports seriously and will respond promptly.