🔒Privacy Policy
ScanWeb is committed to protecting your privacy and ensuring the security of any data processed during security scans.
Data Collection
- We collect only the URL you provide for scanning purposes
- Scan results are temporarily stored for analysis and reporting
- No personal information is required to use our basic scanning service
- IP addresses are logged for security and rate limiting purposes
Data Usage
- Scan data is used solely for security analysis and reporting
- Aggregated, anonymized data may be used to improve our scanning algorithms
- We do not sell, share, or distribute your scan data to third parties
- Scan results are automatically deleted after 30 days
Data Protection
- All data transmission is encrypted using industry-standard TLS
- Scan results are stored in secure, encrypted databases
- Access to scan data is restricted to authorized personnel only
- Regular security audits ensure data protection compliance
📋Terms of Service
By using ScanWeb, you agree to the following terms and conditions governing the use of our security scanning service.
Acceptable Use
- You may only scan websites you own or have explicit permission to test
- Scanning third-party websites without permission is prohibited
- Do not use ScanWeb for malicious purposes or illegal activities
- Rate limiting applies to prevent abuse of our scanning infrastructure
Service Availability
- ScanWeb is provided on an "as-is" basis without warranties
- We strive for high availability but cannot guarantee 100% uptime
- Maintenance windows may temporarily interrupt service
- We reserve the right to modify or discontinue features with notice
Limitation of Liability
- ScanWeb results are for informational purposes only
- We are not liable for any damages resulting from scan results or recommendations
- Users are responsible for implementing appropriate security measures
- Professional security consultation is recommended for critical systems
🛡️Security Policy
ScanWeb maintains strict security standards to protect our infrastructure and user data while providing reliable security scanning services.
Infrastructure Security
- All systems are regularly updated with security patches
- Multi-factor authentication required for administrative access
- Network segmentation isolates scanning infrastructure
- Continuous monitoring detects and responds to threats
Scanning Ethics
- Scans are performed respectfully with appropriate rate limiting
- We do not exploit vulnerabilities discovered during scans
- Scanning follows responsible disclosure principles
- User consent is required before scanning any website
Data Security
- Encryption in transit and at rest for all sensitive data
- Regular security audits and penetration testing
- Incident response procedures for security events
- Compliance with industry security standards and best practices
🔍Responsible Disclosure
We believe in responsible disclosure of security vulnerabilities and encourage security researchers to report issues through proper channels.
Reporting Security Issues
Disclosure Process
- Report security issues privately via email before public disclosure
- Provide detailed information about the vulnerability and potential impact
- Allow reasonable time for investigation and remediation
- We will acknowledge receipt within 48 hours and provide updates
Recognition
- Security researchers who responsibly disclose issues will be credited
- We maintain a security hall of fame for contributors
- Coordinated disclosure timelines respect both security and transparency
- We do not pursue legal action against good-faith security research
Scope
- ScanWeb web application and API endpoints
- Supporting infrastructure and services
- Client-side security issues in our web interface
- Authentication and authorization mechanisms