Important: ScanGrid is committed to protecting your privacy. We collect minimal data necessary to provide our security scanning services and never sell your personal information.
1. Information We Collect
Information You Provide
- Scan Targets: URLs, IP addresses, and domain names you submit for scanning
- Contact Information: If you contact us through our contact form
Information Automatically Collected
- IP Address: Used for rate limiting and abuse prevention
- Browser Information: User agent, browser type, and version
- Usage Data: Scan timestamps, scan types selected, and scan results
- Cookies: Essential cookies for service functionality
- Server Logs: Access logs containing timestamps and request information
2. How We Use Your Information
We use the collected information for the following purposes:
- Service Provision: To perform security scans and generate reports
- Rate Limiting: To enforce usage limits and prevent service abuse
- Service Improvement: To analyze usage patterns and improve our scanning capabilities
- Security: To detect and prevent unauthorized access and misuse
- Legal Compliance: To comply with applicable laws and regulations
- Communication: To respond to your inquiries and provide support
3. Data Retention
- Scan Results: Stored for 30 days, then automatically deleted
- Access Logs: Retained for 90 days for security and troubleshooting purposes
- Rate Limiting Data: Reset every 24 hours
- Contact Form Data: Retained for 1 year or until resolved
4. Data Sharing and Disclosure
We do not sell, trade, or otherwise transfer your personal information to third parties. We may disclose information only in the following circumstances:
- Legal Requirements: When required by law, court order, or government request
- Service Protection: To protect our rights, property, or safety, or that of our users
- Abuse Investigation: To investigate potential violations of our Terms of Service
- Emergency Situations: To protect against imminent harm to persons or property
5. Data Security
We implement appropriate security measures to protect your information:
- SSL/TLS encryption for all data transmission
- Secure server infrastructure with regular security updates
- Access controls and authentication systems
- Regular security audits and monitoring
- Data encryption for sensitive information at rest
6. Cookies and Tracking
We use minimal cookies essential for service functionality:
- Session Cookies: To maintain your scan session
- Rate Limiting Cookies: To track usage limits
- Preference Cookies: To remember your scan preferences
We do not use tracking cookies for advertising or analytics purposes.
7. Third-Party Services
Our scanning service may interact with third-party security tools and databases:
- Vulnerability Databases: To check for known vulnerabilities
- IP Reputation Services: To assess target reputation
- DNS Resolution Services: To resolve domain names
These interactions are limited to what is necessary for scan functionality and do not involve sharing your personal information.
8. Your Rights
You have the following rights regarding your data:
- Access: Request information about data we have collected about you
- Deletion: Request deletion of your scan data (subject to legal requirements)
- Correction: Request correction of inaccurate information
- Withdrawal: Stop using our service at any time
9. Children's Privacy
Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will take steps to delete it promptly.
10. International Data Transfers
Our service operates from servers that may be located in different jurisdictions. By using our service, you consent to the transfer of your information to these locations for processing and storage.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will:
- Update the "Last updated" date at the top of this policy
- Notify users of material changes through our website
- Provide 30 days' notice for significant changes
12. Data Protection Officer
For privacy-related inquiries, you can contact our data protection team through our website's contact form. We will respond to privacy requests within 30 days.