1. Introduction
VectraGuard ("we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our vulnerability scanning and cybersecurity platform, website, and related services (collectively, the "Services").
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Services.
2. Information We Collect
2.1 Account Information
When you register for an account, we collect your name, email address, organization name, job title, and contact details. If you subscribe to a paid plan, our third-party payment processor collects billing and payment information on our behalf.
2.2 Scan & Assessment Data
When you use our platform to perform vulnerability scans, we process target system addresses, network configurations, scan results, vulnerability findings, severity ratings, and remediation tracking data. This data is stored securely and is only accessible to authorized users within your organization.
2.3 Usage & Platform Data
We automatically collect information about how you interact with our Services, including platform activity logs, feature usage analytics, API access logs, and system performance metrics. This helps us improve service quality and troubleshoot issues.
2.4 Device & Technical Data
We collect your IP address, browser type and version, operating system, device identifiers, and referring URLs. We also use cookies and similar technologies as described in our Cookie Policy.
3. How We Use Your Information
3.1 Service Delivery
We use your information to perform vulnerability scans and assessments, generate security reports, provide customer support, maintain and improve our platform, and ensure service reliability.
3.2 Account Management
We use your information for user authentication and access control, subscription and billing management, and communicating important service updates, security advisories, and policy changes.
3.3 Security & Compliance
We process information to detect and prevent fraud, enforce our terms of service, comply with legal obligations, and protect the security of our platform and users.
3.4 Communications
With your consent, we may send product updates, security research, newsletters, and event information. You can opt out of marketing communications at any time via the unsubscribe link in any email or by contacting us.
4. Data Sharing & Disclosure
4.1 Service Providers
We share information with trusted third-party providers who assist in operating our Services, including cloud infrastructure providers, payment processors, analytics services, and customer support tools. These providers are contractually bound to use your data only for the purposes we specify and to maintain appropriate security measures.
4.2 Legal Requirements
We may disclose your information when required by law, regulation, legal process, or governmental request, or when necessary to protect the rights, property, or safety of VectraGuard, our users, or others.
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have regarding your information.
4.4 What We Never Do
We do not sell your personal data to third parties. We do not share your scan results or vulnerability findings with anyone outside your organization without your explicit authorization. We do not use your security data for advertising purposes.
5. Data Retention
We retain your account information for as long as your account is active or as needed to provide you with our Services. Scan results and security reports are retained according to your subscription plan settings, which you can configure within the platform.
Upon account termination, we will delete or anonymize your personal data within 90 days, except where we are required to retain it for legal, regulatory, or legitimate business purposes. Anonymized and aggregated data that cannot identify you may be retained indefinitely to improve our threat intelligence capabilities.
6. Data Security
We implement industry-standard technical, administrative, and organizational security measures to protect your information, including:
- Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
- Role-based access controls and multi-factor authentication
- Regular security assessments and penetration testing of our own infrastructure
- Employee security training and background checks for personnel with data access
- Continuous monitoring, logging, and incident response procedures
- Physical security controls at our data center facilities
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We encourage you to use strong passwords and enable multi-factor authentication on your account.
7. Your Rights & Choices
7.1 Access & Portability
You have the right to request a copy of your personal data in a structured, commonly used format. You can export your scan reports and account data directly from the platform at any time.
7.2 Correction & Deletion
You may update or correct your account information through your account settings. You may request deletion of your personal data by contacting us, subject to any legal retention requirements.
7.3 Opt-Out
You can unsubscribe from marketing emails at any time. You can manage cookie preferences through your browser settings. You may request that we stop processing your data for certain purposes.
7.4 Restriction & Objection
Where applicable under local law (such as the GDPR or CCPA/CPRA), you have the right to restrict or object to the processing of your personal data, and the right not to be subject to automated decision-making.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, data processing agreements with all sub-processors, and compliance with applicable data protection frameworks.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data in compliance with GDPR requirements. If you are a California resident, you have additional rights under the CCPA/CPRA, including the right to know, delete, and opt out of the sale of personal information.
9. Cookies & Tracking Technologies
We use cookies and similar technologies to ensure our website functions properly, remember your preferences, and understand how you use our Services. We categorize cookies as:
- Essential cookies — required for platform functionality and security
- Analytics cookies — help us understand usage patterns and improve our Services
- Preference cookies — remember your settings such as theme and language
You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our Services.
10. Children's Privacy
Our Services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of the Services after the effective date of the revised policy constitutes your acceptance of the changes.
12. Contact Us
If you have questions about this Privacy Policy, wish to exercise your data rights, or have a privacy concern, please contact us at:
We aim to respond to all privacy-related inquiries within 30 days.