Terms of Service
Revision 2026-03-23
1. Product Scope
XyndraShield is a Windows desktop security tool for protected port routing, host-level traffic filtering, Windows failed-logon monitoring, optional service hardening, webhook notifications, licensing, and update delivery. It is designed for Windows-hosted game and service workloads. Some features rely on WinDivert and some operate through XyndraShield's own proxy routing path.
2. License Verification
License verification is performed against the XyndraShield licensing service. During verification, the software may send your license key, public IP address, Windows machine identifier, Discord ID, Discord username, and a timestamp so the license can be validated and update eligibility can be checked. A successful verification may also create cached offline license data for short-term offline operation.
3. Administrative Actions
If you enable features such as WinDivert filtering, brute-force firewall bans, service hardening, or update application, you authorize XyndraShield to perform the corresponding local administrative actions on the Windows system. These actions can include starting or using the WinDivert components, adding or removing Windows Firewall rules, changing selected Windows service startup types, and launching the sidecar PowerShell updater after the main process exits.
4. Protected-Port Enforcement
XyndraShield can deny, rate-limit, temporarily ban, or otherwise restrict new connections on the protected ports you configure. Emergency Defense Mode can apply stricter temporary rules, and Extreme mode can block all new connections on protected ports except loopback and whitelisted IPs. These controls apply only to the ports managed by XyndraShield and do not, by themselves, target unrelated Windows services such as RDP unless you separately configure those services or firewall rules.
5. Optional Third-Party Intelligence Providers
If you enable the optional Threat Intelligence Enrichment feature, XyndraShield can send public source IP addresses from visible log entries to third-party providers such as IPinfo Lite, AbuseIPDB, and GreyNoise Community so the app can display country, network ownership, abuse-confidence, or scanner/noise context in the consoles. This feature is optional, user-controlled, and intended for investigation visibility only. It is not required for the core filtering, rate-limiting, or ban logic to function.
6. User Responsibility For Settings
You are responsible for reviewing and testing your own port mappings, thresholds, ban settings, UDP signatures, service hardening choices, webhook destinations, and emergency-mode actions before using them in production. Incorrect configuration can block legitimate traffic or change the behavior of the protected host.
7. Updates And Changes
The application can check for updates through the licensing backend and may download update packages when you choose to do so. Feature availability, defaults, and legal terms may change over time. Continued use of updated versions means you accept the then-current terms published in this Legal Center.
8. Refunds And Cancellation
Unless otherwise stated in a separate written sales agreement, digital license sales are final once delivered or activated. If you have a billing dispute, contact the support address listed on the website.
Privacy Policy
Revision 2026-03-23
1. What The Website Collects
The website in the software-site folder is a static site. It does not include analytics scripts, advertising trackers, or cookie banners in the current shipped source. If you contact us by email or through an external platform such as Discord, the data you provide through that channel is handled by that channel.
2. What The Desktop App Collects For Licensing
The desktop app collects and transmits the minimum license-verification data used by the current code path: license key, public IP address, Windows machine identifier, Discord ID, Discord username, and a timestamp. This information is sent to the license verification API and is also used for update checks that run through the same licensing flow.
3. Cached Local License Data
After successful verification, XyndraShield can store cached license information locally, including product and plan details, verification timestamp, last verified IP, Discord information, and offline validation material. This data is stored on the local machine so the app can validate the license for a limited offline period.
4. Network Traffic And Security Events
XyndraShield processes protected-port traffic and Windows Event ID 4625 data locally on the Windows host. The current application code does not send your packet payloads, packet headers, or Windows Security Event log contents to the XyndraShield website by default. If you configure Discord webhooks, the notification content you choose to send is delivered to the Discord webhook URL you provide.
5. Optional Threat-Intelligence Enrichment
If you enable Threat Intelligence Enrichment, the application can send public IP addresses parsed from visible log entries to the configured third-party providers, currently including IPinfo Lite, AbuseIPDB, and GreyNoise Community, so it can retrieve country, ASN/network-owner, abuse-confidence, and internet-noise classification details for display inside the app. This feature is optional and disabled unless you configure and enable it. The related provider API keys or tokens are stored locally in the app settings on the machine where XyndraShield runs.
6. Local Logs And Diagnostics
The app maintains local operational data such as on-screen logs and update debug logs on the host machine. These are local files or in-memory views controlled by the running app. If you manually share screenshots, exported data, or logs with support, that is your separate decision.
7. Cookies
The current static website source does not implement non-essential cookies, analytics cookies, or advertising cookies.
End User License Agreement
Revision 2026-03-23
1. License Grant
Subject to successful license verification and compliance with these terms, you are granted a limited, non-exclusive, non-transferable right to use XyndraShield on supported Windows systems.
2. No Guarantee Of Complete Attack Prevention
XyndraShield is a host-level protection tool. It can help filter, rate-limit, and ban traffic on the protected ports you configure, but it does not guarantee prevention of all attacks. In particular, it does not by itself solve upstream bandwidth saturation, volumetric DDoS events beyond the capacity of your connection, or application-layer exploits that appear valid after a connection has been accepted.
3. Configuration Risk
You accept responsibility for the operational impact of your settings. Misconfigured route targets, thresholds, probation rules, whitelist entries, UDP signatures, hardening controls, emergency modes, or webhook destinations can affect legitimate users and services.
4. Windows And Third-Party Components
XyndraShield is Windows-only in its current shipped form. It also bundles and uses the WinDivert components for supported filtering scenarios. If you choose to enable optional Threat Intelligence Enrichment, the app can also communicate with configured third-party providers such as IPinfo Lite, AbuseIPDB, and GreyNoise Community to retrieve investigation context for public IP addresses found in logs. Your use of WinDivert and any optional third-party provider remains subject to the applicable third-party terms for that component or service.
5. Reverse Engineering And Abuse
You may not use the software to unlawfully interfere with systems you do not own or control. You may not bypass or tamper with the licensing, verification, or update mechanisms except where non-waivable law expressly permits a narrow exception.
6. Warranty Disclaimer
XyndraShield is provided "as is" and "as available" without warranties of any kind to the fullest extent permitted by law, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
7. Limitation Of Liability
To the fullest extent permitted by law, XyndraShield and its author are not liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of profits, loss of data, downtime, misconfiguration impact, or security incidents that are outside the direct and proven result of a legal breach that cannot be disclaimed.