Privacy Policy

Last updated: August 14, 2025

Privacy-First Approach

We're built for MSPs who respect their clients' privacy. We collect minimal data, store it securely, and automatically purge free scan data regularly.

1. Information We Collect

Scanning Data:

  • Domain Names: Domains you submit for scanning
  • IP Addresses: IP addresses associated with scanned domains
  • Scan Results: Technical findings from our security assessments
  • Timestamps: When scans were performed

User Information:

  • Email Address: For registered users and report delivery
  • User Agent: Your browser/client information
  • IP Address: Your connection IP (for rate limiting and security)
  • Referrer: The page you came from (if any)

Consent Records:

  • Consent Confirmations: Records of your agreement to terms and privacy
  • Authorization Claims: Your confirmation of scanning authorization

2. How We Use Your Information

Service Provision:

  • Performing the requested security scans
  • Generating and delivering scan reports
  • Providing historical scan data to registered users
  • Improving scan accuracy and coverage

Security and Compliance:

  • Rate limiting to prevent service abuse
  • Monitoring for unauthorized scanning attempts
  • Maintaining audit trails for consent and authorization
  • Investigating potential security incidents

We Do NOT:

  • Sell your data to third parties
  • Use your data for advertising purposes
  • Share scan results with unauthorized parties
  • Track your browsing behavior across other sites

3. Data Retention and Storage

Free Scans

  • Automatic Purging: Data deleted hourly
  • No Long-Term Storage: Results not permanently saved
  • Session-Based: Available only during scan session
  • No User Account: No persistent data storage

Registered Users

  • Retained per preferences: You control retention
  • Historical access: View past scan results
  • Account deletion: Removes all associated data
  • Data export: Download your data anytime

Consent and Authorization Records:

  • Maintained for legal compliance and audit purposes
  • Retained for minimum period required by applicable laws
  • Anonymized after required retention period

4. Data Security

Technical Safeguards:

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Restricted access to authorized personnel only
  • Secure Infrastructure: Industry-standard hosting security
  • Regular Audits: Periodic security assessments

Operational Security:

  • Staff trained on privacy and security practices
  • Incident response procedures for data breaches
  • Regular software updates and security patches
  • Monitoring for unauthorized access attempts

5. Third-Party Services

Scanning Tools:

  • External APIs: Some scans may use third-party security APIs
  • Data Sharing: Only domain/IP information shared as necessary
  • Vendor Selection: We choose privacy-conscious service providers
  • No Personal Data: Your personal information is not shared

Infrastructure Providers:

  • Cloud hosting services for application infrastructure
  • Database services for data storage
  • All providers meet enterprise security standards

6. Your Rights and Choices

Data Access and Control:

  • Access: View all data we have about you
  • Correction: Update incorrect information
  • Deletion: Request removal of your data
  • Export: Download your data in machine-readable format

Communication Preferences:

  • Opt out of non-essential communications
  • Control scan result delivery methods
  • Update your email preferences

7. Cookies and Tracking

Essential Cookies Only:

  • Session Management: Maintain your scanning session
  • Security: Prevent CSRF attacks and abuse
  • Preferences: Remember your settings

What We Don't Use:

  • No advertising or tracking cookies
  • No social media tracking pixels
  • No behavioral analytics beyond basic usage stats
  • No cross-site tracking

8. International Users

  • GDPR Compliance: European users have additional rights under GDPR
  • Data Processing: Data may be processed in multiple jurisdictions
  • Transfer Safeguards: Appropriate safeguards for international transfers
  • Local Laws: Compliance with applicable local privacy laws

9. Children's Privacy

  • Service not intended for users under 18
  • No knowing collection of data from minors
  • Contact us if you believe we've collected minor's data

10. Changes to Privacy Policy

  • Policy may be updated to reflect service changes
  • Material changes will be prominently announced
  • Continued use constitutes acceptance of changes
  • Previous versions archived and available on request

11. Contact Us

For privacy-related questions, data requests, or concerns:

Privacy Officer: [email protected]

Data Requests: [email protected]

General Questions: [email protected]

Response Time: Within 72 hours for privacy matters

Our Privacy Commitment

We built this service because we believe MSPs and their clients deserve privacy-respecting tools. We collect only what's necessary, secure it properly, and give you control over your data. If you have any concerns about our privacy practices, please reach out – we're here to help.