Last updated: March 2026
We collect your email address, name, and payment information when you create an account. During scans, we collect technical data about your domain's external attack surface including subdomains, open ports, HTTP responses, and vulnerability details.
Your data is used to provide the scanning service, generate reports, send notifications, and process payments. We do not sell your data to third parties.
All data is stored in encrypted PostgreSQL databases. Scan results are retained for 90 days after scan completion. You may request deletion of your data at any time.
We use Zoho Payments for payment processing, Resend for email delivery, and Sentry for error monitoring. Each service processes only the minimum data necessary for their function.
We use localStorage for authentication tokens. We use PostHog for anonymous usage analytics. No advertising cookies are used.
You have the right to access, correct, or delete your personal data. Contact us at privacy@redsight.ai to exercise these rights.