Privacy Policy

Last updated: February 2026

1. Introduction

C2IT Labs ("we," "our," or "us") operates the SCAN service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and scanning platform.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account information — Name, email address, company name, and password when you register
  • Scan data — URLs you scan, scan configurations, and scan results (including screenshots and reports)
  • Usage data — How you interact with our service, including pages visited and features used

We also automatically collect certain technical information such as IP address, browser type, and device information when you access our service.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our scanning services
  • Process and store your scan results
  • Send you transactional emails (e.g., scan completion notifications)
  • Respond to your inquiries and provide support
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Within your organization — Company admins and invited users can access projects and scan data for their company
  • Service providers — We may use third-party services (e.g., hosting, email) that process data on our behalf under strict agreements
  • Legal requirements — When required by law or to protect our rights, safety, or property

5. Data Retention

We retain your account data and scan results for as long as your account is active. You may request deletion of your account and associated data by contacting us. Some data may be retained for a limited period to comply with legal obligations or resolve disputes.

6. Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Passwords are hashed; sensitive data is encrypted in transit and at rest where applicable.

7. Your Rights

Depending on your location, you may have the right to access, correct, or delete your personal information, or to object to or restrict certain processing. To exercise these rights, please contact us.

8. Cookies and Tracking

We use essential cookies and similar technologies to operate our service (e.g., authentication, session management). We do not use third-party advertising or tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or our practices, please contact us.