Shellax
This policy describes, in practical terms, how Shellax handles uploaded files, request metadata, cookies, operational telemetry, and advertising-related settings. It is written to explain how the service operates today in plain language, including which parts of the experience are active on the site and which parts depend on account-side or regional configuration.
When you upload a file, Shellax may process the file contents, the original filename, a cryptographic hash, file type information, request metadata, and the resulting analysis output. Depending on deployment settings, the service may also record request timestamps, IP-related rate-limit metadata, queue state, and aggregate security statistics needed to keep the service stable and abuse-resistant.
Shellax is designed to inspect supported files without intentionally executing macros, JavaScript, or embedded payloads in the normal review path. Uploaded files are staged temporarily so scanning, caching, and optional deep scan operations can complete. Temporary file locations and retention windows are controlled by deployment settings and cleanup jobs.
A result page should not be treated as proof that a file is safe. Analysis is best-effort and may miss threats or produce false positives.
Shellax is not designed as a permanent document hosting service. Uploaded files, cached results, queue state, and aggregate threat statistics exist for limited operational periods and are removed as retention windows expire or cleanup routines run.
In practical terms, the service keeps a temporary upload copy long enough to complete scanning, may cache a result for repeat lookups, and may retain minimal operational records needed for abuse prevention, reliability, and measurement.
Shellax caches analysis results and job state for a limited period so recent uploads can be displayed, deep scans can complete, and operational metrics can be generated. Runtime retention is controlled by service configuration such as cache TTL values, share-link expiry, and storage cleanup behavior. Not every runtime record is kept permanently.
Shellax uses local storage and similar browser technologies for basic site behavior, including remembering the current theme preference. Security and session-related technologies may also be used where needed to keep the service functional and resistant to abuse.
If analytics, consent tooling, or advertising features are enabled, additional first-party or third-party cookies and storage technologies may be used for measurement, consent signaling, ad delivery, or frequency controls. Browser settings can usually be used to block, clear, or limit these technologies, although doing so may affect site behavior.
Shellax may collect limited operational telemetry to understand site health, request volume, queue performance, and aggregate security patterns. The exact telemetry pipeline depends on deployment settings. Where enabled, telemetry is used to support reliability, abuse prevention, and service improvement rather than cross-site user profiling.
If Shellax uses Google Analytics or a similar measurement tool, it may collect basic usage information such as page views, referral sources, approximate device information, and interaction events. This helps the operator understand site performance and improve the product.
When enabled, Google Analytics may set cookies or use similar technologies to measure how visitors use the site. This data is used for site measurement rather than document analysis.
Analytics may use cookies or similar technologies when enabled. If analytics is not enabled on a given deployment, this section describes possible use rather than active collection.
Shellax may display advertising. When advertising is enabled, third-party vendors including Google may use cookies or similar technologies to help serve ads, measure ad delivery, limit repetition, and, where permitted, personalize advertising based on prior visits to this and other websites.
Depending on location, traffic source, and consent status, users may receive personalized ads, non-personalized ads, limited ads, or no ads at all. Shellax does not promise that personalized advertising is available in every region or traffic source.
Google's use of advertising cookies may enable it and its partners to serve ads based on visits to this and other sites. Users can learn more about Google advertising controls through Google's own settings and policy pages.
If Shellax serves ads to users in the EEA, UK, or Switzerland, a Google-compatible certified consent solution may be required before personalized advertising can be used in those regions. The site includes configuration support for consent-mode defaults and CMP integration, but account-side setup in Google Privacy & messaging or with a certified CMP is still required.
Where relevant, the site operator uses or should use a certified CMP that supports current ecosystem expectations, including TCF v2.3 where applicable. Until that setup is complete, personalized advertising should remain disabled for those regions.
You can contact Shellax using [email protected] for privacy-related questions. Users may also manage browser cookie settings, clear local storage, and review Google advertising controls where Google-served ads are involved.
If a consent management platform is active on the site, users may be able to update ad and measurement choices through that interface. The exact options depend on deployment configuration and local regulatory requirements.
Shellax may revise this policy as the service changes, especially if consent tooling, analytics, storage backends, or advertising integrations are updated. Material changes should be reflected on this page with updated public content.
For questions about this policy, contact [email protected]. Related operational pages: About, Contact, and Terms.