Privacy Policy - AISEC Security Scanner

YOUR DATA SECURITY

AISEC is designed with security at its core. We understand that you're trusting us with sensitive information about your systems, and we take that responsibility seriously. Your scan data is encrypted, isolated, and never shared.

Information We Collect

When you use AISEC, we collect the following types of information:

Account information (email, name, company)
Domain verification records
Scan configuration and results
Usage analytics and performance metrics
Communication records (support tickets, emails)

Scan Data

When you run security scans, we collect and store information discovered during the scan, including but not limited to:

URLs and endpoints discovered
Vulnerability findings and evidence
HTTP request/response data
Technology stack information
Security configuration details

This data is essential for providing you with comprehensive security reports and is stored securely with access limited to your account only.

How We Use Your Information

We use the collected information to:

Provide and improve the AISEC security scanning service
Generate vulnerability reports and security assessments
Send service notifications and security alerts
Provide customer support and expert consultation
Analyze usage patterns to improve our AI models
Comply with legal obligations

Data Security

We implement industry-standard security measures to protect your data:

All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Scan results are isolated per account with strict access controls
Regular security audits and penetration testing of our infrastructure
Multi-factor authentication available for all accounts
SOC 2 Type II compliant infrastructure

Data Retention

We retain your scan data for the duration of your subscription plus 30 days. Upon account deletion, all associated scan data is permanently removed within 30 days. You may request immediate deletion of specific scan data at any time.

Data Sharing

We do NOT sell your data. We only share information in these limited circumstances:

With your explicit consent (e.g., sharing reports with your team)
With security experts during live consultation sessions (at your request)
To comply with legal requirements or valid court orders
To protect the rights, safety, or property of AISEC or others

Third-Party Services

AISEC uses the following third-party services that may process data:

Cloud infrastructure providers (for secure hosting)
AI model providers (for vulnerability analysis)
Payment processors (for subscription management)
Email service providers (for notifications)

All third-party providers are vetted for security and bound by data processing agreements.

Your Rights

You have the right to:

Access and download your scan data and reports
Correct inaccurate account information
Delete your account and associated data
Export your data in standard formats
Opt out of non-essential communications
Request information about how your data is processed

Cookies and Tracking

We use essential cookies for session management and authentication. We use analytics cookies to understand how users interact with our service. You can disable non-essential cookies through your browser settings.

International Data Transfers

Your data may be processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for transfers outside the EEA.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance of the updated policy.

Contact

For privacy-related questions or to exercise your rights, contact us at: privacy@aisec.tools

// PRIVACY POLICY