โ† Back to TridentScan
๐Ÿ”ฑ

Privacy Policy

Last updated: February 2026

The Short Version

We collect the minimum data needed to scan your site and show you results. We don't sell your data. Ever. We don't track you across the web. We don't harvest data from the sites you scan.

What We Collect

  • Scan URLs โ€” the website addresses you submit for scanning
  • Scan results โ€” the findings, grades, and recommendations we generate
  • IP address โ€” for rate limiting and abuse prevention only
  • Email โ€” only if you sign up for an account

What We Don't Collect

  • No passwords from scanned sites
  • No cookies from scanned sites
  • No user data from scanned sites
  • No browsing history beyond what you scan

Our scanner checks publicly visible configuration โ€” headers, certificates, DNS records, and common paths. We never attempt to access private data, databases, or user accounts on scanned sites.

How Long We Keep It

Free tier: Scan reports are stored for 30 days, then automatically deleted.

Paid tiers: Reports are retained as long as your subscription is active, plus 30 days after cancellation.

IP addresses used for rate limiting are kept in memory only and not persisted to disk.

Cookies

Minimal. If you're not logged in, we set zero cookies. If you are logged in, we use a single authentication cookie. No tracking cookies, no analytics cookies, no third-party advertising cookies.

Third Parties

We use a small number of trusted services:

  • Vercel โ€” hosting and deployment
  • Supabase โ€” database and authentication
  • Stripe โ€” payment processing (we never see your card number)

Each of these services has their own privacy policy. We chose them because they take privacy seriously.

We Don't Sell Data

We don't sell, rent, trade, or share your personal data with anyone for commercial purposes. Period. This isn't a marketing line โ€” it's a principle.

Your Rights

You can request deletion of your data at any time. If you have an account, deleting it removes all associated data. For anonymous scans, data expires automatically after 30 days.

Changes

If we change this policy, we'll update the date at the top. Material changes will be communicated to registered users via email.

Privacy questions? Email privacy@tridentscan.com