Privacy Policy

IP addresses — used to rate-limit anonymous scans. Counters expire automatically within hours to days and are not used for any other purpose.

API key usage stats — if you use the API, we record last_used_at and total_scans to enforce rate limits.

Account data — if you create an account we store your email, a verification timestamp, your credit balance, and a credit transaction log so you can see purchases, scan spends, and refunds.

Scan inputs and results— inputs you submit and the scan results we return are stored in our database. When you're signed in, those records are associated with your account so you can view scan history, compare versions, and rerun previous scans. We group related signed-in scans into campaigns (with a version timeline) so the "Edit & rerun" and "Use suggested update in next version" flows can show diffs between submissions.

If you run a scan without signing in, the inputs and results are stored without an account identifier and are not surfaced in any user-facing history view. Crawled website content used to evaluate URLs is processed by the scanner service to return the scan response; the app database stores the submitted scan request and final scanner result, not a browsable anonymous history.

Rate limit counters (IP-based) expire automatically within hours to days. API key records persist for the lifetime of the key.

Signed-in scan inputs, results, and campaign version history are retained for as long as your account exists so you can use the history and rerun features. If you want a specific scan removed, or your account and all associated scan history deleted, email us at [email protected] and we'll handle it.