Privacy Policy - Website Defender

Introduction

Website Defender ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website security scanning service.

By using Website Defender, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you create an account, we collect:

Email address
Password (stored securely using industry-standard hashing)
Name (optional)

Scan Data

When you scan websites, we collect:

Domain names you scan
Scan results and security findings
Timestamps of scan activity

Usage Data

We automatically collect certain information when you use our service:

IP address
Browser type and version
Pages visited and features used
Time and date of visits
Time spent on pages

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number or payment details on our servers. We receive only:

Last 4 digits of your card
Card expiration date
Billing address
Stripe customer ID

How We Use Your Information

We use the collected information to:

Provide and maintain our security scanning service
Process your transactions and subscriptions
Send scan results and security alerts
Respond to your inquiries and support requests
Improve our service and develop new features
Send marketing communications (with your consent)
Comply with legal obligations

Data Retention

We retain your data as follows:

Account data: Retained while your account is active, plus 90 days after deletion request
Scan history: Retained for the duration of your subscription
Free scan results: Automatically deleted after 48 hours
Payment records: Retained for 7 years for tax and legal compliance

Data Sharing

We may share your information with:

Service Providers

Stripe: Payment processing
Resend: Email delivery
Cloud hosting providers: Infrastructure and data storage

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights and the safety of our users.

We do not sell your personal information to third parties.

Your Rights

Under GDPR and similar regulations, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate personal data
Erasure: Request deletion of your personal data
Portability: Export your data in a machine-readable format
Objection: Object to processing of your personal data
Withdrawal: Withdraw consent for marketing communications

To exercise these rights, contact us at privacy@websitedefender.io or use the settings in your account dashboard.

Cookies

We use cookies and similar technologies for:

Essential cookies: Required for authentication and security
Analytics cookies: To understand how you use our service

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using certain features.

Security

We protect your data using:

TLS encryption for all data in transit
Encryption at rest for sensitive data
Secure password hashing (bcrypt)
Regular security audits
Access controls and monitoring

While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

International Transfers

Your data may be transferred to and processed in countries outside your own. We ensure appropriate safeguards are in place through standard contractual clauses and other approved transfer mechanisms.

Children's Privacy

Our service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on our website.

Contact Us

If you have questions about this Privacy Policy, please contact us:

Email: privacy@websitedefender.io
Contact form: websitedefender.io/contact