Cyberian

1. Information we collect

When you create an account, we collect your email address and a hashed version of your password. If you sign in via GitHub, we receive your GitHub username and primary email. We do not store your GitHub password or tokens.

During scans, we log the target URL, scan results, and timestamps. We do not store the content of API responses beyond what is needed to compute the score.

2. How we use your data

To authenticate you and manage your account.
To run scans on URLs you submit and display the results to you.
To enforce plan limits (free, dev, team, pro).
To send transactional emails (e.g. email verification, password reset) if you opt in.

We do not sell your data. We do not use your scan URLs or results for advertising.

3. Data storage

Your data is stored in a Supabase (PostgreSQL) database hosted in the EU. Passwords are hashed with bcrypt before storage. We can't recover them. TOTP secrets for two-factor authentication are stored encrypted.

4. Cookies

We use a single HTTP-only cookie (Cyberian_token) to keep you logged in. This cookie is session-only and does not track you across other sites. We do not use advertising or analytics cookies.

5. Third-party services

Supabase: database and storage.
Vercel: hosting and edge network.
Stripe: payment processing for paid plans. We never see or store your card details.
GitHub OAuth: optional social login.

6. Data retention

Scan results are kept until you delete them or close your account. On account deletion, all your personal data and scan history are permanently removed within 30 days.

7. Your rights

You have the right to access, correct, or delete your data at any time from the Settings page. If you have any questions or requests, contact us at hello@Cyberian.dev.

8. Changes

We may update this policy. If we make significant changes, we will notify you by email or via an in-app banner.

Privacy Policy