Built for Privacy.
Hardened by Design.
Security software should never compromise the privacy of your users. Hilux provides world-class bot detection without collecting, storing, or exfiltrating any personal data.
GDPR Compliant
Hilux doesn't store PII by default. Risk scoring is performed using ephemeral hashes and session fingerprints.
Zero Data Exfiltration
Your data stays in your infrastructure. Hilux runs locally within your Node.js process and Redis cluster.
Privacy by Design
We focus on behavioral signals rather than individual identity. Anonymization is at the core of our engine.
Data Handling Policy
Hilux does not require access to your users' email addresses, actual names, or location history. We focus purely on technical signals: IP reputation, header consistency, and behavioral anomalies.
All risk scoring happens in your memory space
Redis is used only for ephemeral state and rate limiting
We do not use any third-party tracking or telemetry
No PII (Personally Identifiable Information) is ever stored
Global Compliance
GDPR Readiness
Fully aligned with EU data protection requirements.
CCPA Compliance
Supports "Do Not Sell" requirements out of the box.