Privacy Policy

Last updated: March 2026

Table of Contents

Information We Collect

We collect information in several ways: • Account Information: When you create an account, we collect your name, email address, and company name. • Usage Data: We track pages you visit, features you use, scanning activity, and account engagement patterns. • Scan Data: Information about URLs you scan and the scan results we generate. • Payment Information: We process payments through Stripe. We do not store credit card numbers directly. • Cookies and Analytics: We use cookies and analytics tools to understand how you use our service.

How We Use Your Information

We use the information we collect for: • Providing and improving our services • Processing payments and managing your subscription • Sending transactional notifications and service updates • Providing customer support • Conducting analytics and improving our product • Complying with legal obligations

Data Storage & Security

We implement comprehensive security measures: • AES-256 encryption for data in transit and at rest • TLS 1.3 protocol for all data transmission • Supabase Row Level Security (RLS) for database access control • SOC 2 compliance in progress • Regular security audits and penetration testing • Strict access controls and authentication mechanisms

Third-Party Services

We share your information only with trusted service providers: • Stripe: Payment processing • Supabase: Database infrastructure • Analytics: Usage tracking and performance monitoring We never sell, trade, or rent your personal information to third parties.

Your Rights Under GDPR

You have the right to: • Access: Request a copy of your personal data • Rectification: Correct inaccurate data • Erasure: Request deletion of your data ("right to be forgotten") • Data Portability: Receive your data in a portable format • Restriction: Limit how we use your data • Object: Oppose certain processing To exercise these rights, contact privacy@allyshield.net

Cookies

We use cookies to enhance your experience. See our Cookie Policy for detailed information about the types of cookies we use, how we use them, and how to manage your preferences.

Data Retention

Account data is retained while your account is active. Scan data is retained for 12 months from the date of the scan. You can request deletion of your data at any time by contacting us. We comply with all GDPR data retention requirements.

Children's Privacy

Our service is not intended for users under 16 years of age. We do not knowingly collect information from children. If we become aware of such collection, we will delete the information promptly in compliance with GDPR regulations.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email and by updating the "Last updated" date on this page. Your continued use of our service constitutes acceptance of the updated policy.

Contact Us

For privacy-related questions or to exercise your rights under GDPR: Email: privacy@allyshield.net Data Protection Officer: dpo@allyshield.net AllyShield Ltd European Union