Privacy Policy

Vyzor Security ("Vyzor", "we", "our") operates the Vyzor attack surface management platform available at vektorasm.me. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services.

For questions, contact us at: privacy@vektorasm.me

Account data: When you register, we collect your email address, name, and password (hashed). Authentication is handled by Clerk, Inc.

Billing data: Payment processing is handled by Stripe, Inc. We store only your subscription status and plan type — never your card details.

Scan data: Domains and IP addresses you submit for scanning, along with the results (assets, open ports, vulnerabilities). This data is stored in our database and associated with your account.

Usage data: Page views, feature usage, and error logs collected via Vercel Analytics. No personally identifiable information is included.

• To provide and improve the Vyzor platform
• To send you scan notifications and security alerts you have configured
• To send transactional emails (account confirmation, billing receipts)
• To process payments and manage subscriptions
• To comply with legal obligations

We do not sell your data to third parties. We do not use your scan data for advertising or marketing purposes.

We use the following third-party providers to deliver our service:

• Clerk — Authentication and user management (clerk.com)
• Stripe — Payment processing (stripe.com)
• Supabase — Database and storage (supabase.com)
• Vercel — Hosting and analytics (vercel.com)
• Resend — Transactional email (resend.com)

Each provider has their own privacy policy governing how they handle data on our behalf.

We retain your account data as long as your account is active. Scan data is retained for 12 months after the scan date. You may request deletion of your data at any time by contacting privacy@vektorasm.me.

We implement industry-standard security measures including encryption in transit (TLS 1.3), encrypted storage, access controls, and regular security reviews. However, no internet transmission is 100% secure.

If you are located in the European Economic Area, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to processing or request restriction
• Data portability

To exercise these rights, email privacy@vektorasm.me. We will respond within 30 days.

We use session cookies for authentication and functional cookies to remember your preferences. We do not use tracking cookies for advertising. You can disable cookies in your browser settings, though some features may not work correctly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email. Continued use of the service after changes constitutes acceptance of the updated policy.