reconnreconn

Privacy Policy

Last updated: March 27, 2026

1. Overview

Reconn (“we”, “us”) respects your privacy. This policy explains what data we collect, why, and how we handle it. We collect only what is necessary to provide the Service.

2. Data We Collect

Account data

When you sign up, we receive your name, email address, and profile image from your authentication provider (Clerk). This is used to identify your account and link your scan history and credits.

Scan data

We store the URLs you scan, the scan results (findings, severity, framework detection), and timestamps. Scan results are stored in our database (Convex) and associated with your account if you are logged in.

Payment data

Payments are processed by Polar. We do not store credit card numbers or payment method details. Polar may collect billing information in accordance with their own privacy policy.

Anonymous usage data

For anonymous (non-logged-in) scans, we store the IP address temporarily for rate limiting purposes. IP addresses are not linked to accounts or used for tracking.

3. How We Use Your Data

  • To run security scans on URLs you submit
  • To store and display your scan history and results
  • To manage your account, credits, and membership
  • To enforce rate limits and prevent abuse
  • To process payments through our payment provider
  • To respond to support requests

We do not sell your data. We do not use your data for advertising.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Clerk — authentication and account management
  • Convex — database and backend
  • Polar — payment processing
  • OpenRouter — AI-powered finding translation (scan data is sent to AI models for translation; no personally identifiable information is included)

Each service operates under its own privacy policy. We encourage you to review them.

5. Data Retention

Scan results and account data are retained for as long as your account is active. When you delete your account, all associated data (profile, scan history, credits) is permanently deleted from our database. IP addresses used for rate limiting are stored on job records and deleted when those records are removed.

6. Your Rights

You have the right to:

  • Access your data through your account dashboard
  • Delete your account and all associated data at any time
  • Request a copy of your data by contacting us

If you are in the EU, UK, or Canada, you may have additional rights under GDPR, UK GDPR, or PIPEDA respectively. Contact us to exercise these rights.

7. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies, analytics cookies, or advertising cookies.

8. Security

We take reasonable measures to protect your data, including HTTPS encryption, SSRF protection on scan inputs, and secure credential storage. However, no method of transmission over the internet is 100% secure.

9. Children

The Service is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

10. Changes

We may update this policy from time to time. Material changes will be reflected by updating the date at the top. Continued use of the Service after changes constitutes acceptance.

11. Contact

Questions about this policy? Contact us at support@reconn.dev.

← Back to Reconn