Back to home

Privacy Policy

Last updated: May 3, 2026

1. Information We Collect

We collect the following types of information:

  • Account data: Name, email address, company name, role, and other profile information you provide during registration.
  • Scan inputs: Email addresses, domains, URLs, and IP addresses you submit for scanning and analysis.
  • Scan results: Identity exposure data, threat intelligence results, and security analysis outputs generated by the platform.
  • Security logs: Authentication events, platform usage, scan history, and platform access logs.
  • Usage data: Plan utilization, feature usage, and interaction patterns for service improvement.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the cybersecurity intelligence services
  • Process identity exposure scans and generate threat intelligence reports
  • Manage your account, subscriptions, and plan entitlements
  • Send transactional emails (account verification, scan results, plan updates)
  • Enforce usage limits and prevent abuse
  • Maintain security logs and audit trails

3. Payment Processing

Payment processing is handled by Stripe. We do not store credit card numbers, CVVs, or full payment details on our servers. Stripe's privacy policy governs the handling of payment information. We store only Stripe customer and subscription identifiers to manage your billing relationship.

4. Email Delivery

Transactional emails (account verification, scan notifications, approval updates) are sent through trusted email delivery services. Emails are sent from noreply@volkano.io. We do not sell your email address or send marketing emails without consent.

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Service partners: Infrastructure and operational services necessary to operate the platform (hosting, email delivery, payment processing).
  • Threat intelligence sources: Scan queries are processed through secure intelligence sources to generate results. Queries are handled securely and retained only as needed to operate the service.
  • Legal requirements: When required by law, regulation, or valid legal process.

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS) and at rest
  • Row-level security policies on database tables
  • Authentication and access controls
  • Audit logging of administrative actions

7. Data Retention

Account data is retained while your account is active. Scan results and security logs are retained for the operational lifetime of your account. You may request deletion of your account and associated data by contacting us at info@volkano.io. Deletion requests are processed within 30 days.

8. Your Rights

You have the right to:

  • Access your personal data held by the platform
  • Correct inaccurate account information
  • Request deletion of your account and data
  • Export your scan results and profile data
  • Withdraw consent for non-essential data processing

9. Cookies and Local Storage

We use essential cookies and local storage for authentication sessions and user preferences (such as language selection). We do not use tracking cookies or third-party advertising trackers.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email or platform notification.

11. Contact

For privacy-related questions or data requests, contact us at info@volkano.io.