Privacy Policy

Last updated: February 2, 2026

Introduction

SentinelScan ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Please read this privacy policy carefully. If you do not agree with our policies and practices, please do not use our service.

Information We Collect

We may collect information about you in a variety of ways. The information we may collect on the Site includes:

Personal Data

When you register and use SentinelScan, we may collect:

  • Account Information: Name, email address, username, and profile picture
  • Authentication Data: OAuth tokens and identifiers from login providers
  • Organization Data: Company name, team member information
Usage Data

We automatically collect:

  • IP addresses and browser/device information
  • Pages visited, features used, and time spent on the platform
  • Scan configurations, target URLs, and scan results
  • Error logs and performance metrics
Scan Data

When you perform security scans, we collect:

  • Target URLs and domains you scan
  • Security findings and vulnerability reports
  • Subdomain discovery results

How We Use Your Information

We use collected information for the following purposes:

  • Provide, maintain, and improve the SentinelScan platform
  • Process your security scans and generate vulnerability reports
  • Send you scan results, alerts, and notifications you've requested
  • Process payments and manage your subscription
  • Provide customer support and respond to inquiries
  • Detect, prevent, and address security issues and abuse
  • Analyze usage patterns to improve our services
  • Send important service updates and security notices

Data Sharing and Third Parties

We share your information with the following third-party services:

Service Purpose Data Shared
Stripe Payment processing Billing information, email
SendGrid Email notifications Email address, notification content
Have I Been Pwned (HIBP) Breach monitoring Email addresses for breach checks
OAuth Providers Authentication OAuth tokens, profile information

We may also disclose your information:

  • To comply with legal obligations or valid legal processes
  • To protect our rights, privacy, safety, or property
  • In connection with a merger, acquisition, or sale of assets

Data Retention

We retain your data for as long as:

  • Account Data: As long as your account is active, plus 30 days after deletion
  • Scan Results: As specified in your subscription plan
  • Billing Records: 7 years as required for tax and legal compliance
  • Usage Logs: 90 days for operational purposes

You may request deletion of your data at any time by contacting us.

Your Rights

Depending on your location, you may have certain rights with respect to your personal information, including:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Correction: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data for certain purposes
To exercise these rights, contact us at [email protected]. We will respond within 30 days.

Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS 1.3) and at rest
  • Secure authentication via industry-standard protocols
  • Regular security assessments and updates
  • Access controls and audit logging
  • Secure cloud infrastructure with trusted providers

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Children's Privacy

SentinelScan is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected].

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience. For detailed information about our cookie usage, please see our Cookie Policy.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date at the top of this policy
  • Sending you an email notification for significant changes

Your continued use of the service after changes become effective constitutes acceptance of those changes.

Contact Us

If you have questions about our privacy practices, or to exercise your rights, please contact us at:

[email protected]