Privacy Policy

Last updated: April 2026

IntrudR (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our AI-powered penetration testing platform.

1. Data We Collect

We collect the following categories of data:

• Account information: email address, full name, and organization name
• Scan targets: IP addresses, domain names, and URLs you submit for scanning
• Scan results: vulnerability findings, severity ratings, and remediation data generated by our platform
• Usage data: pages visited, features used, and session duration

2. How Data Is Stored

All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Our infrastructure is hosted on servers located in the European Union, in compliance with EU data residency requirements.

3. AI Processing — 100% Local

All AI models used by IntrudR run entirely on our own infrastructure. No scan data, vulnerability findings, or personal information is ever sent to third-party AI providers. Your data never leaves our controlled environment for AI processing.

4. Data Retention

Scan data (targets, results, and reports) is automatically deleted after 90 days unless you explicitly opt to retain it. You can delete your scan data at any time from your dashboard. Account data is retained for the duration of your account and deleted within 30 days of account closure.

5. No Sale of Data

We do not sell, rent, or trade your personal data or scan results to any third party, under any circumstances.

6. Cookies

We use strictly necessary session cookies to maintain your authenticated session and ensure platform functionality. We do not use advertising cookies, tracking cookies, or any third-party analytics cookies.

7. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights regarding your personal data:

• Right of access: Request a copy of all personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to restrict processing: Request limitation of how we process your data
• Right to object: Object to processing based on legitimate interests

To exercise any of these rights, contact us at the address below.

8. Contact

For any privacy-related inquiries or to exercise your data rights, contact us at: privacy@intrudr.com