Privacy Policy

Last updated: December 6, 2024

Introduction

SecureSiteScan ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security scanning service.

Please read this privacy policy carefully. By using SecureSiteScan, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information You Provide

  • Repository URLs: The GitHub repository URLs you submit for scanning.
  • GitHub Tokens: Optional personal access tokens you provide for scanning private repositories or avoiding rate limits.
  • Contact Information: Email address, name, and other details you provide when contacting us or signing up for an account.

Information Collected Automatically

  • Usage Data: Information about how you use our service, including scan requests and results.
  • Device Information: Browser type, operating system, and device identifiers.
  • Log Data: IP addresses, access times, and pages viewed.

How We Use Your Information

We use the information we collect for the following purposes:

  • To provide and maintain our security scanning service
  • To analyze repository code for security vulnerabilities
  • To improve and optimize our detection algorithms
  • To communicate with you about your scans or account
  • To detect and prevent abuse or security threats

Code and Data Handling

Important: We Don't Store Your Code

SecureSiteScan performs static analysis on your code in memory. We do not permanently store your source code on our servers. Code is fetched, analyzed, and immediately discarded after the scan completes.

  • Repository code is processed in memory only during scans
  • Scan results (findings) are stored for 30 days on free plans
  • GitHub tokens are used only for the current scan and not stored
  • We never access repositories beyond what's needed for scanning

Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: With third-party vendors who help us operate our service (hosting, analytics).
  • Legal Requirements: When required by law or to protect our rights.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.
  • With Your Consent: When you have given us explicit permission.

Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit using TLS/SSL
  • Secure cloud infrastructure with regular security audits
  • Access controls and authentication for all systems
  • Regular security reviews of our own code

Your Rights

Depending on your location, you may have the following rights:

  • Access, correct, or delete your personal information
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent at any time

To exercise these rights, please contact us at info@securesitescan.com.

Cookies

We use cookies and similar technologies to improve your experience. For details, see our Cookie Policy.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us: