Privacy Policy
Last updated: February 2026
What we collect
When you use QuackScan, we collect only what's necessary to run your scan and deliver your report:
- -The domain you submit for scanning
- -Your email address (for authentication and report delivery)
- -Payment information (on-chain crypto transactions — we verify USDC transfers)
How we use it
- -To run the security scan you requested
- -To generate and deliver your report
- -To process your payment
We do not sell your data. We do not use it for advertising. We do not share it with third parties beyond what's needed to operate the service.
Data retention
Scan reports are deleted from our servers after 24 hours. We do not keep copies of your findings. Your account information (email) is retained while your account is active.
Scanning methodology
By default, QuackScan performs read-only checks on publicly accessible endpoints. We do not modify your systems. Optional scans (credential testing, write-permission checks) only run if you explicitly enable them.
Third-party services
- -Solana / Polygon / BSC — on-chain USDC payment verification
- -Supabase — authentication and data storage
Your rights
You can request deletion of your account and all associated data at any time by contacting us. Reports are automatically deleted after 24 hours.
Contact
Questions about this policy? Reach us at hello@quackscan.xyz