Privacy Policy

Last updated: April 22, 2026

Bromure is built by Seclio LLC. This page explains what information we collect when you visit bromure.io and use the Bromure application, why we collect it, and what we do with it. We aim to keep this policy short, plain, and honest.

In short

  • We do not sell your data. We do not share it with advertisers, data brokers, or anyone else who would pay for it.
  • We collect the minimum needed to run the site, distribute the app, and fix problems.
  • We make a best effort to keep what we store out of the wrong hands. No system is perfect, so we will tell you if something goes wrong.

The website (bromure.io)

When you browse this site, we collect:

  • Standard request logs — IP address, user agent, URL, and timestamp. Kept briefly, used for debugging and abuse prevention.
  • Google Analytics — aggregated traffic data (pages viewed, referrers, approximate region, device class). Used only to understand which parts of the site people find useful.
  • Anything you submit through a form (for example, the Design Partners contact form). Used solely to reply to you.

The Bromure application

The application is built around the idea that your browsing is yours. Concretely:

  • Every browsing session runs in a disposable virtual machine on your own Mac. The sites you visit, the cookies they set, and the data they load never pass through our servers.
  • We do not collect your browsing history, tabs, bookmarks, downloads, credentials, or traffic.
  • Optional features that talk to outside services — VirusTotal scanning, Cloudflare WARP, WireGuard, IKEv2, AI phishing detection, iCloud profile sync — only do so when you enable them. Each is documented in the Settings Reference. The privacy policies of those third parties apply to the data you send them.
  • If you are on a managed Bromure deployment (mTLS client certificate issued by your organization), your administrator may collect audit logs as described in their own policy. Those logs are not sent to us.

Why we collect it

  • To run and improve the website and the application.
  • To reply to support and business inquiries.
  • To detect and mitigate abuse.
  • We do not have an advertising product, and we do not sell, rent, or trade the data we hold. Our business model does not depend on it.

Security

  • We run widely used, actively maintained software and keep it patched.
  • Access to production systems is limited to the people who need it, protected by strong authentication.
  • We take reasonable care, but no organization can promise perfect security. We do our best to keep data safe, and if we ever become aware of an incident that affects you, we will tell you without undue delay.

Third parties

The services that receive data from this site or the app:

  • Google Analytics — anonymized website usage.
  • Our hosting provider — serves the website and download files.
  • Services you configure inside the application (VirusTotal, a VPN provider, iCloud, etc.) — only receive data when you turn them on.

Your rights

  • You can ask us what data we hold about you, have it corrected, or have it deleted. Write to [email protected].
  • The site uses one first-party analytics cookie. Blocking it does not affect how the site works.

Changes

We may update this policy as the product evolves. The date at the top always reflects the last revision. Material changes will be announced on the News page.

Contact

Seclio LLC · [email protected]