Privacy Policy
1. Information We Collect
We collect personal information to provide and improve our platform services. This includes:
- Account Data: Name, email address, and profile picture retrieved via secure Google OAuth sign-in or standard signup fields.
- Billing Information: Transaction identifiers, order details, and credit package acquisitions. All actual payment processing is carried out by secure gateways (Dodo Payments/Stripe). We do not store raw card numbers, expiry dates, or banking passwords.
- Scan Logs: Target domain names, vulnerability risk grades, timestamps, and findings generated during security assessments.
2. How We Use Your Data
Your data is processed to:
- Authenticate your identity and manage active user sessions.
- Operate security scanners, deduce scan credit balances, and show personal assessment histories.
- Troubleshoot platform errors, enforce credit limits, and prevent abusive or malicious scans of internal servers.
- Send receipts, transaction notifications, and respond to support enquiries.
3. Data Sharing & Security
We do not sell, trade, or rent user data to third parties. We share data only with trusted infrastructure providers (like Render for hosting, Supabase/PostgreSQL for database caching, and payment partners) strictly to provide the platform. We employ standard modern hashing (bcrypt), TLS encryption, and secure tokens to guard stored data.
4. Cookies
We use session cookies and local storage tokens (`ts_token`) to preserve your authentication state and preferences. We do not use cookies for tracking across third-party websites.
5. User Rights & Data Deletion
You have full authority to access your profile, inspect scan histories, and request the complete deletion of your account. To erase your profile and records permanently, please contact our support desk at technologies.ary@gmail.com. We will process your deletion request within 48 hours.