Remedix Privacy Policy
Last updated: February 2026

1. Introduction

Remedix ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our security scanning service.

2. How Scanning Works

Remedix performs automated, non-destructive security assessments of your public application surface. Our methodology is designed to identify vulnerabilities without causing service disruptions or data loss.

Scanning Methodology

  • Passive Analysis: We analyze public HTTP headers, HTML structure, and client-side scripts to identify misconfigurations and exposed information.
  • Safe Active Probing: We send standard HTTP requests with specialized security payloads designed to trigger predictable responses from vulnerable endpoints without executing destructive actions.
  • Rate Limiting: Our scanners implement intelligent rate limiting to ensure your infrastructure remains stable during the assessment.

3. Information Collection

Authentication Data

We collect essential account information, including email addresses and authentication credentials. These are managed via secure, industry-standard authentication providers.

Target Assessment Data

Upon initiation of a scan, we retrieve the target URL and its associated public-facing assets (HTML, HTTP headers, client-side scripts). Scanning is strictly limited to the targets explicitly authorized by the user.

Security Findings

We maintain a record of security vulnerabilities identified during assessments to provide historical reporting and remediation tracking. This data is isolated per account and is never disclosed to unauthorized third parties.

4. Data Utilization

  • To facilitate and optimize automated security assessments
  • To provide technical support and account-related communications
  • To maintain the integrity and security of the Remedix platform
  • To refine scanning heuristics and improve detection accuracy

5. Data Retention and Deletion

Assessment data is retained for the duration of the account's active status. Users may purge individual scan records or terminate their accounts at their discretion. Upon account termination, all associated data is purged from our production systems within 30 days.

6. Security Standards

We employ robust security controls, including TLS 1.3 encryption for data in transit and AES-256 for data at rest. While we maintain rigorous security protocols, no internet-based service can guarantee absolute immunity from threats.

7. Third-Party Services

We use third-party services for hosting, authentication, and payment processing. These services have their own privacy policies, and we encourage you to review them. We do not sell your personal information to third parties.

8. Analytics

We use analytics tools to understand how users interact with our service. This helps us improve features and fix issues. Analytics data is used in aggregate and is not sold to third parties. Our analytics providers may use cookies to identify returning visitors and track sessions.

9. Your Rights

You have the right to access, correct, or delete your personal information. You can export your scan data or delete your account through your dashboard settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@remedix.app.