Privacy Policy
Last Updated: January 31, 2025
1. Introduction
At scaneo.io ("we", "us", or "our"), we are committed to protecting your privacy and ensuring the security of any information you provide to us. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our automated security scanning service ("Service").
By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Information You Provide
When you use our Service, we collect the following information that you voluntarily provide:
- Email address: Used to deliver your security scan reports.
- Target domains and/or IP addresses: The systems you authorize us to scan.
2.2 Information Collected Automatically
If you consent to cookies, we may automatically collect certain information, including:
- Browser type and version
- Device type and operating system
- Pages visited and time spent on our website
- Referring website or source
- IP address (for analytics purposes only)
2.3 Scan Results
When we perform security scans on your behalf, we temporarily collect:
- Vulnerability findings and security issues discovered
- Technical information about the scanned systems
- Generated security reports
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Service Delivery
- To perform security scans on the targets you specify
- To generate and deliver security reports to your email address
- To communicate with you about your scan requests
3.2 Service Improvement (with consent)
- To analyze website usage and improve user experience
- To understand how visitors interact with our website
4. Confidentiality of Scan Results
Your security scan results are strictly confidential. We commit to the following:
- No sharing: We do not share, sell, or disclose any findings, vulnerabilities, or security issues discovered during scans to any third party.
- Client-only access: Security reports are sent exclusively to the email address you provide.
- No public disclosure: We never publicly disclose or publish information about vulnerabilities found in your systems.
- Employee access: Only essential personnel have access to scan data, and all are bound by strict confidentiality obligations.
5. Data Retention and Deletion
We maintain strict data retention policies to protect your information:
- Security reports: All security scan reports and associated data are automatically deleted from our cloud provider storage within 3 days of generation.
- Email addresses: Your email address may be retained for communication purposes unless you request deletion.
- Analytics data: If you consent to cookies, anonymized analytics data may be retained for up to 26 months.
You may request immediate deletion of your data at any time by contacting us.
6. Third-Party Services
We use third-party services to operate our Service:
6.1 Cloud Infrastructure
Our security scans are executed on third-party cloud provider infrastructure. These providers maintain their own security practices and compliance certifications. We select providers that meet industry security standards.
6.2 Analytics Services (with consent)
If you accept cookies, we may use the following analytics services:
| Service | Purpose | Data Collected |
|---|---|---|
| Google Analytics | Website traffic analysis | Page views, sessions, user behavior |
| Google Tag Manager | Tag management | Script loading and events |
| Microsoft Clarity | User experience analysis | Session recordings, heatmaps |
These services only collect data if you provide cookie consent.
7. Cookies
We use cookies to improve your experience on our website. Cookies are small text files stored on your device.
7.1 Types of Cookies
- Essential cookies: Required for basic website functionality (always active).
- Analytics cookies: Help us understand how visitors use our website (require consent).
- Marketing cookies: Used to track visitors across websites for advertising purposes (require consent).
7.2 Your Cookie Choices
When you first visit our website, you will be asked to accept or decline cookies. If you decline:
- No analytics or marketing cookies will be stored
- No tracking scripts will be loaded
- Your preference will be remembered using localStorage (not a cookie)
You can change your cookie preferences at any time by clearing your browser's localStorage and revisiting our website.
8. Data Security
We implement appropriate security measures to protect your information:
- SSL/TLS encryption for all data transmission
- Secure cloud infrastructure with access controls
- Limited employee access to sensitive data
- Regular security assessments of our own systems
While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents.
9. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal data.
- Deletion: Request deletion of your personal data.
- Portability: Request transfer of your data to another service.
- Objection: Object to processing of your personal data.
- Withdraw consent: Withdraw consent for data processing at any time.
To exercise these rights, please contact us at the email address provided below.
10. Children's Privacy
Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate safeguards to ensure your data remains protected in accordance with this Privacy Policy.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: support@scaneo.io
14. Legal Basis for Processing (GDPR)
For users in the European Economic Area, we process your personal data based on:
- Contractual necessity: Processing required to provide our Service to you.
- Consent: For analytics and marketing cookies, which you can withdraw at any time.
- Legitimate interests: For improving our Service and ensuring security.
- Legal obligations: When required by applicable law.