Neekware ← Back to Home

Neekware Inc. Security Policy

Last Updated: 2025-11-26

1. Introduction

Neekware Inc. is committed to protecting the security, integrity, and availability of our systems and our users’ data. This Security Policy describes the technical and organizational measures used to protect ehAye™ Engine and related services.

2. Local First Architecture

ehAye™ Engine operates under a local first security model:

  • All processing occurs on your device
  • Your projects, files, and content remain local
  • No cloud storage of user content is required
  • Network communication is limited to licensing, authentication, and optional telemetry

This structure materially reduces exposure to centralized data breaches.

3. Data Protection Scope

3.1 Data in Transit

All communications between ehAye™ Engine and Neekware Inc. infrastructure are encrypted using industry standard TLS protections, including:

  • License activation and verification
  • Account authentication
  • Optional crash diagnostics and telemetry

3.2 Local Data Storage

ehAye™ Engine stores the following locally on your device only:

  • Streaming credentials and API keys
  • Project files and generated content
  • Application configuration and preferences

User Responsibility: Because data is stored locally, you remain responsible for:

  • Device level security controls
  • Secure backups
  • Protection of local credentials

4. Authentication and Access Control

  • Industry standard OAuth based authentication
  • Secure session management
  • Passwords are not stored by Neekware Inc
  • Identity provider security controls govern login protection

5. Vulnerability Reporting and Responsible Disclosure

We support responsible security research and coordinated disclosure practices.

Reporting Process

Security issues should be reported to security@neekware.com with:

  • Description of the vulnerability
  • Reproduction steps
  • Supporting logs or proof of concept
  • Potential impact analysis
  • Researcher contact information

Good faith security research will not result in legal action.

6. Internal Security Practices

6.1 Development Controls

  • Secure coding standards
  • Regular dependency vulnerability scanning
  • Security focused code reviews

6.2 Infrastructure Controls

  • Active monitoring of licensing infrastructure
  • Regular patching and update cycles
  • Minimal exposed network surface

6.3 Data Minimization

  • Email for authentication
  • License verification metadata
  • Optional anonymized diagnostics only by user opt in

7. Third Party Integrations

ehAye™ Engine supports external integrations, including:

  • Stream Providers
  • MCP based AI integrations

When using third party services:

  • Credentials are stored locally only
  • Neekware Inc. has no access to external credentials
  • External data is governed by third party privacy and security policies
  • Users are solely responsible for third party security compliance

8. User Security Responsibilities

Users are expected to:

  • Maintain strong authentication credentials
  • Enable two factor authentication with identity providers
  • Keep operating systems and software updated
  • Protect license keys and streaming credentials
  • Avoid unauthorized sharing of access
  • Immediately report suspected compromise

9. Incident Response

If a verified security incident occurs:

  • We will investigate and contain the issue
  • Impacted users will be notified when legally required
  • Regulatory notification will be made where applicable
  • Remediation steps will be implemented promptly

10. Beta Software Notice

ehAye™ Engine is currently distributed as beta software. While security best practices are enforced, users acknowledge that undiscovered vulnerabilities may exist during active development.

11. Policy Updates

This Security Policy may be updated periodically. The Last Updated date reflects the most recent revision. Continued use of the Services constitutes acceptance of the updated policy.

12. Governing Law and Venue

These Terms are governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein, without regard to conflict of law principles. Exclusive jurisdiction and venue shall reside in the courts located in Waterloo, Ontario, Canada.

The English version of this document is the only legally binding version. Any translations may be AI-generated, may contain inaccuracies, and are provided solely for convenience.

13. Contact Information

Security Contact
Email: security@neekware.com

Corporate Address
Neekware Inc.
133 Weber St. N. Suite 3-204
Waterloo, ON N2J 3G9
Canada

Legal Contact
Email: legal@neekware.com