Skip to content
Legal · privacy

Privacy policy

1. Data controller

Micro-enterprise « Scan-Access » (SIRET 850 856 386 00014), 42 rue Laudinat, 33130 Bègles, France · hello@scan-access.com.

2. Data we collect

We collect strictly what is needed to provide the service:

  • Account data: email, hashed password, first name.
  • Billing data: payment reference held by our payment processor.
  • Technical data: scanned URLs, fetched public HTML, scan metadata.
  • Usage data: action log (login, scan, triage), for security and service improvement.

3. Purposes of processing

Your data is processed to: (a) provide and improve the service, (b) process billing, (c) ensure security and prevent fraud, (d) comply with legal obligations.

4. Retention period

  • Accounts: 12 months after last sign-in, then anonymised.
  • Scans: 12 months (renewed while subscription stays active).
  • Invoices: 10 years (French CGI art. L. 102 B).

5. Service providers

We use technical service providers (hosting, payment, email…) bound by confidentiality obligations. Transfers outside the EU are covered by appropriate safeguards where applicable.

6. Your rights

You have rights of access, rectification, erasure, restriction, portability, and objection. Exercise them by emailing hello@scan-access.com. You may also lodge a complaint with the CNIL (France) or your local data protection authority.

7. Security

Passwords are hashed using Argon2id. Data is transmitted over TLS. Infrastructure is hosted on Google Cloud Platform.

8. Contact

For any privacy-related request: hello@scan-access.com.