Privacy Policy
Draft — last updated 2026-04-14. GDPR-compliant framework; tailor to your exact data flows before launch.
1. What data we collect
- Identity: your email address OR your Solana wallet public key. No passwords — we authenticate via one-time magic links or signed messages.
- Targets: the domains and program IDs you submit for scanning, plus your ownership-verification proofs.
- Scan results: every finding, artefact, and log line produced by scans you request.
- Billing: invoice amounts, Stripe session IDs, Solana Pay transaction signatures. We never store card numbers — Stripe handles that.
- Audit log: every action you take (sign-in, add target, verify, run scan, pay invoice) with timestamp and IP address, retained for 12 months for abuse and compliance reasons.
2. Legal basis (GDPR)
Our processing relies on contract necessity (we cannot run the Service without the data listed above) and legitimate interest (fraud prevention, abuse monitoring). Where those do not cover a processing purpose, we obtain explicit consent before processing.
3. Who we share data with
- Stripe — for USD payment processing. Governed by Stripe's own privacy policy.
- Helius / QuickNode / public Solana RPC — to execute buyback swaps and verify payments. Only public on-chain data is sent.
- Cantina / bounty platforms — only if you explicitly submit a finding through them.
- No advertising networks. No data brokers. No resale.
4. Data subject rights
Under GDPR you have the right to:
- Access — request a copy of all data we hold about you
- Rectification — correct inaccurate data
- Erasure — request deletion (subject to retention duties on audit logs)
- Portability — export your scan results and findings as JSON
- Object — withdraw consent for non-contractual processing
Contact privacy@security-scanner.example.com to exercise any of these rights.
5. Retention
- Scan results: retained while your org is active. Deleted on org deletion.
- Audit log: 12 months, then purged.
- Payment records: 7 years (tax law).
- Failed authentication attempts: 30 days.
6. Security
Security is the very thing we scan other software for, so we treat our own seriously:
- HTTPS end-to-end, HSTS enforced, secure cookies
- Passwords are not stored (we don't use them)
- Wallet private keys are never uploaded by users — signatures happen client-side in Phantom
- Internal secrets (Stripe keys, hot wallet secrets) are stored outside the web-reachable filesystem with file mode 600
- Every scan is rate-limited and audit-logged
7. International transfers
Where data is transferred outside the EU (e.g. to Stripe's US infrastructure), we rely on standard contractual clauses as published by the European Commission.
8. Contact
Questions → privacy@security-scanner.example.com
⚠ This is a starter draft. Have it reviewed by a data-protection officer or specialised lawyer before launch. The retention periods, legal bases, and international transfer mechanisms must match your actual architecture.