Privacy Policy

Last updated: February 25, 2026

What We Collect

When you use Exposed, we collect:

• Domain name you submit for scanning
• Payment information processed by Stripe (we never see your card number)
• Scan results generated from publicly available information about your domain

What We Don't Collect

• No accounts, no emails, no personal information
• No tracking cookies beyond basic analytics
• No passwords or credentials

Data Retention

Scan reports are stored for 24 hours so you can download them. After that, they are permanently deleted. Payment records are retained as required by law.

Third Parties

Stripe processes payments. Their privacy policy applies to payment data. We do not sell, share, or transfer your scan data to any third party.

What the Scan Does

Exposed performs passive, non-destructive checks against publicly available information on domains you submit. This includes standard HTTP requests, DNS lookups, and TCP connection checks. We never attempt to exploit, authenticate, or modify the target.

Contact

Questions? Email RJ@AegisAudits.com.