Privacy Policy
Information Collection
We collect the following types of personal data: (1) Account Information: name, email address, company name, and contact details you provide during registration; (2) Technical Data: IP addresses, browser type, device information, and access logs; (3) Scan Data: URLs, security findings, and scan results from your website security assessments; (4) Payment Information: billing details processed securely through our payment providers. We collect this data based on your consent, contractual necessity, and our legitimate interests in providing security services.
Information Usage
We process your personal data for the following purposes: (1) Service Delivery: to provide security scanning, vulnerability assessment, and monitoring services; (2) Communication: to send you scan results, security alerts, and service updates; (3) Account Management: to manage your subscription, billing, and customer support; (4) Security: to protect our services, detect fraud, and ensure platform security; (5) Improvement: to analyze usage patterns and enhance our services. We process data only for specified, explicit, and legitimate purposes and do not use it for incompatible purposes.
Information Sharing
We do not sell your personal information to third parties. We may share your data with: (1) Service Providers: carefully selected processors who assist in operating our services (hosting, payment processing, email delivery) under strict confidentiality agreements; (2) Legal Requirements: when required by law, court order, or to protect our rights; (3) Business Transfers: in case of merger, acquisition, or sale of assets, with prior notice to you. All third parties are contractually obligated to protect your data and use it only for specified purposes.
Data Security
We implement industry-standard technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These include: (1) Encryption: data encryption in transit (TLS/SSL) and at rest; (2) Access Controls: strict authentication and authorization mechanisms; (3) Monitoring: continuous security monitoring and incident detection; (4) Regular Audits: security assessments and vulnerability testing. For security concerns or to report vulnerabilities, contact security@cyberscore.online.
Cookies and Tracking
We use essential cookies for authentication and session management, as well as analytical cookies to understand service usage and improve user experience. You can control cookie preferences through your browser settings. We do not use cookies for advertising or tracking across other websites. Our use of cookies is minimal and necessary for service functionality.
Your GDPR Rights
Under the GDPR, you have the following rights: (1) Right of Access: obtain confirmation of data processing and access to your personal data; (2) Right to Rectification: correct inaccurate or incomplete data; (3) Right to Erasure: request deletion of your personal data ("right to be forgotten"); (4) Right to Restriction: limit processing in certain circumstances; (5) Right to Data Portability: receive your data in a structured, machine-readable format; (6) Right to Object: object to processing based on legitimate interests; (7) Right to Withdraw Consent: withdraw consent at any time; (8) Right to Lodge a Complaint: file a complaint with your supervisory authority. To exercise these rights, contact privacy@cyberscore.online. We will respond within one month.