Legal

Privacy Policy

Diffidentia — Cybersecurity Consulting & Contracting

Last updated: May 2026 · privacy@diffidentia.ai ·

The short version: Diffidentia is a local-first security platform. Your configuration files, source code, vulnerability data, and credentials never leave your machine. We do not sell data. We do not run ads. We do not track you across the web.

1. Who we are

Diffidentia is a cybersecurity consulting and contracting firm founded by Michael Hogue-Rennie. We provide AI-powered security analysis, hands-on consulting engagements, and contract security engineering for organizations that need expert-level protection without a full-time hire.

Our principal product is the Diffidentia Security Analyzer Suite — a locally installed application that runs entirely on your own infrastructure using a local large language model.

For any privacy matter: privacy@diffidentia.ai ·

2. Information we collect on this website

This marketing website (diffidentia.ai) collects minimal information:

3. What we do not collect — the Diffidentia platform

The Diffidentia Security Analyzer Suite is locally installed. When you use it:

We have no servers that receive your security data. We have no technical ability to access your scans, findings, or configurations.

4. Consulting and contracting engagements

When you engage Diffidentia for consulting or contracting work:

5. How we use your email

If you join the early access waitlist, your email is used only to:

To be removed: email privacy@diffidentia.ai with the subject "Remove me" — we will delete your address within 5 business days.

6. Third-party services

This website is hosted on Firebase Hosting (Google LLC). Google's privacy policy applies to hosting infrastructure: policies.google.com/privacy.

We do not use Google Analytics, Facebook Pixel, or any other analytics or advertising service on this website.

7. Data retention

Data type Retention period Notes
Waitlist email addresses Until product launch or removal request One email on sign-up, one on launch
Web server logs Up to 30 days Retained by Firebase Hosting
Product scan data Local to your machine Diffidentia retains no copy
Engagement contact info Duration of engagement + 7 years Tax and legal compliance
Signed contracts and SOWs 7 years after engagement closes California business record requirements

8. Your rights

Depending on where you are located you may have rights under applicable privacy law (GDPR, CCPA, and others) including:

To exercise any right: privacy@diffidentia.ai. We will respond within 30 days.

9. Security

Security is our business. The waitlist database is stored in Firestore with access restricted to service account credentials that are not publicly exposed. We do not store passwords or payment card information.

For consulting engagements, all client data handled by Diffidentia personnel is subject to the confidentiality provisions of the signed engagement agreement. Findings and deliverables are transmitted exclusively over encrypted channels.

10. Children

This website and product are directed at security professionals and organizations. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has submitted information to us, contact privacy@diffidentia.ai and we will delete it promptly.

11. Changes to this policy

We may update this policy as the product or practice evolves. Material changes will be communicated by email to anyone on the waitlist. The "last updated" date at the top of this page always reflects the current version.

12. Contact