Privacy Policy

Last updated: [DATE]. What we collect and why.

What a scan collects

• The URL you submit and the resulting public scan data (certificate, headers, DNS, detected technology).
• Free scans are computed on our own server — your URL is not sent to any third-party AI or external service.
• Paid scans send scan data to Claude (Anthropic) to generate the plain-English report.
• Basic request metadata (IP address, timestamp) for abuse-prevention and rate-limiting.

How we use it

• To deliver your report. For Monitor/paid customers, we store scan history so you can track changes over time.
• Aggregate, anonymised patterns may improve detection accuracy. We do not sell personal data.

Third parties we use

Cloudflare (hosting/CDN/abuse protection), Anthropic/Claude (paid report generation only), and — for paid tiers — Lemon Squeezy (payments) and Resend (email).

This summary reflects our current data practices. A full, formal privacy policy is being finalised — for any question in the meantime, email [email protected].