Privacy Policy

Account data (name, email, role), session/security logs, and support communications.

Billing data (invoices, payments, payouts, expenses, receipts).

Scan configuration and outputs (scope, targets, evidence). Scan outputs may contain personal data depending on the target.

To provide and secure the service, deliver security testing and reporting, handle billing/accounting, and prevent abuse.

Performance of contract, legitimate interests (security/fraud prevention), and legal obligations (e.g., accounting retention).

Consent where required for non-essential cookies/marketing (if applicable).

We use vendors for hosting, payments (Stripe), and storage (Cloudflare R2) as configured.

We keep a sub-processor register and apply contractual safeguards where required.

Financial records and receipts are retained for statutory accounting periods.

Scan evidence is retained only as long as needed for reporting and verification, then deleted or minimized.

You may request access, correction, or deletion where applicable; deletion can be limited by legal obligations and security needs.

You may lodge a complaint with Datatilsynet (Denmark) or your local supervisory authority.