Privacy Policy

When you use SecureScorecard, we collect the following information: - Domain names you submit for scanning - Email address when you create an account - Scan results and history associated with your account - Payment information (processed securely by Stripe — we never store card details) - Basic usage data such as pages visited and features used We do not collect any personal information from the domains you scan. Our scans are entirely passive and query only publicly available DNS, SSL, and HTTP data.

We use the information we collect to: - Provide, operate, and improve SecureScorecard - Store your scan history and generate reports - Process payments for paid plans - Send you transactional emails such as report delivery and account confirmation - Respond to your support requests - Analyze usage patterns to improve the product We do not sell your personal information to third parties.

Your data is stored securely using Supabase, which is hosted on AWS infrastructure. All data is encrypted in transit using TLS and at rest using AES-256 encryption. Scan results are stored and associated with your account if you are logged in. Anonymous scans are not stored beyond the immediate session. We implement industry-standard security measures including Row Level Security (RLS) to ensure users can only access their own data.

We use essential cookies to maintain your authentication session. We do not use advertising cookies or third-party tracking cookies. You may disable cookies in your browser settings, but this may prevent you from using certain features such as staying logged in.

We use the following third-party services: - Supabase — database and authentication - Stripe — payment processing - Vercel — hosting and deployment Each of these services has their own privacy policy and data handling practices.

We retain your account data and scan history for as long as your account is active. If you delete your account, your data will be permanently deleted within 30 days. Free plan users scan history is limited to the 3 most recent scans. Older scans are automatically deleted.

You have the right to: - Access the personal data we hold about you - Request correction of inaccurate data - Request deletion of your account and associated data - Export your scan history in CSV format (Pro and White Label plans) To exercise any of these rights, contact us at privacy@securescorecard.io

If you have any questions about this Privacy Policy, please contact us at: privacy@securescorecard.io