Legal

Terms of Service & Privacy Policy

Simple, straightforward policies for using our security scanning service.

Terms of Service Privacy Policy

Terms of Service

Last updated: March 7, 2026

By using Internet Secure (internetsecure.org), you agree to these terms. If you don't agree, please don't use our service.

What Our Service Does

Internet Secure provides two core services:

Security Scanning: We scan websites for security vulnerabilities and compliance issues, including SSL certificates, security headers, DNS configuration, and email authentication. We provide reports on what we find, but we don't fix anything — that's up to you.

Uptime Monitoring: We monitor your websites from multiple global locations and alert you when downtime, degraded performance, or recovery is detected. Alerts can be sent via email, Slack, Jira, and Linear.

Acceptable Use

You may only scan and monitor websites that you own or have explicit permission to scan. Don't use our service to:

  • Scan or monitor websites you don't own without permission
  • Attempt to hack or break our service
  • Use our service for illegal activities
  • Overload our servers with excessive requests
  • Share your account credentials with others
  • Use automated scripts to access scanning endpoints without authorisation

Limitations

Our tools do their best, but they're not perfect. We provide all information and services "as is" without warranties. We're not responsible if:

  • Our scans miss security issues
  • Our reports contain inaccuracies due to network conditions, DNS propagation, CDN behaviour, or transient server states
  • You make changes based on our reports that cause problems
  • Our service is temporarily unavailable

Uptime Monitoring Limitations

Uptime monitoring is provided on a best-effort basis. We do not guarantee:

  • That all downtime events will be detected — network issues, node outages, or transient failures may cause missed detections
  • That alerts will be delivered instantly or at all — email delivery depends on your mail provider, and third-party services (Slack, Jira, Linear) may experience their own outages
  • That check intervals will execute at exact times — scheduled monitoring is approximate
  • The accuracy of response time measurements — these vary based on network conditions between our monitoring nodes and your server

We are not liable for any damages resulting from undetected downtime, delayed alerts, or decisions made based on monitoring data.

Third-Party Integrations

Our service integrates with third-party platforms including Jira, Slack, Linear, and Cloudflare. When you configure these integrations:

  • You are responsible for the credentials (API tokens, webhook URLs) you provide
  • Data shared with third-party services through your integrations is governed by those services' own terms and privacy policies
  • We are not responsible for actions taken by third-party services, including data loss, unauthorised access to your third-party accounts, or service outages
  • You may revoke integration credentials at any time through your profile settings

Liability

To the maximum extent permitted by law, our total liability for any claims arising from your use of the service is limited to the fees you have paid us in the 12 months preceding the claim. We are not liable for any indirect, incidental, special, or consequential damages, including loss of revenue, data, or business opportunities.

Account Termination

We can suspend or terminate accounts that violate these terms. You can cancel your account anytime. If you're on a paid plan, cancellation takes effect at the end of your billing period.

Payment and Refunds

Paid plans are billed in advance and renew automatically unless cancelled before the end of the billing period. We don't provide refunds for partial months. If you're unhappy with our service, contact us at [email protected] and we'll try to make it right.

Changes to These Terms

We might update these terms occasionally. We'll notify users of significant changes via email or on our website.

Privacy Policy

Last updated: March 7, 2026

This privacy policy explains how Internet Secure collects, uses, and protects your information.

Information We Collect

Account Information: When you create an account, we collect your email address, name, and password (stored as a one-way hash).

Security Scan Data: We store the domains you scan and the results, including SSL/TLS certificate details (issuer, expiry, cipher suite), HTTP security headers (HSTS, CSP, X-Frame-Options), DNS records (nameservers, DMARC, SPF, DKIM, DNSSEC), IP addresses, redirect chains, cookie attributes, and server software information.

Uptime Monitoring Data: For domains with uptime monitoring enabled, we collect HTTP status codes, response times, error messages, check timestamps, downtime durations, and incident history. This data is collected from multiple monitoring nodes located globally.

Integration Credentials: If you configure third-party integrations, we store the credentials you provide, including Jira API tokens and project details, Slack webhook URLs, and Linear API keys. These are stored in our database and used solely to deliver alerts on your behalf.

Usage Information: We track basic usage like when you log in and which features you use. This helps us improve the service.

Technical Information: Standard web server logs including IP addresses, browser types, and pages visited.

How We Use Your Information

  • Provide and improve our security scanning and uptime monitoring services
  • Send you scan results, uptime alerts, and incident notifications via your configured channels (email, Slack, Jira, Linear)
  • Detect downtime and performance degradation across your monitored domains
  • Communicate about your account and our service
  • Analyze usage patterns to improve our tools
  • Comply with legal requirements

Information Sharing

We don't sell your data. Period. We may share information only in these situations:

  • With your explicit consent
  • When required by law (subpoenas, court orders, etc.)
  • To protect our rights or the safety of others
  • With service providers who help us operate (listed below) — they're bound by strict confidentiality agreements
  • With third-party services you choose to integrate (Jira, Slack, Linear) — alert data is sent to these services using credentials you provide

Data Security

We protect your data using industry-standard security measures including encryption, secure servers, and regular security audits. Integration credentials (API tokens, webhook URLs) are stored in our database with access restricted to the application. However, no internet service is 100% secure, so we can't guarantee absolute security.

Data Retention

We keep your account information and scan results based on your plan:

  • Free Plan: 12 months of scan history
  • Pro Plan: 2 years of scan history
  • Enterprise Plan: Unlimited retention

Uptime monitoring data (check results, incidents, alerts) is retained for the same period as your scan history.

When you cancel your account, we delete your data within 30 days, including all scan results, uptime monitoring data, and stored integration credentials, except where required to keep it by law.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Delete your account and data
  • Export your scan data
  • Remove stored integration credentials at any time via your profile settings
  • Opt out of non-essential communications

To exercise these rights, contact us at [email protected].

Cookies and Tracking

We use minimal cookies for essential functions like keeping you logged in and storing your display preferences (such as dark mode). We don't use tracking cookies for advertising or sell your browsing data to third parties.

Third-Party Services

We use the following third-party services to operate our platform:

  • Stripe — Payment processing and subscription management
  • Google OAuth — Optional third-party login
  • Google reCAPTCHA — Bot protection on registration (collects behavioural data per Google's terms)
  • Tawk.to — Live chat support for paid users
  • WhoisJSON — Domain registration data lookups

If you configure integrations, data also flows to:

  • Jira — Incident tickets created using your Jira credentials
  • Slack — Alert messages sent to your configured webhook
  • Linear — Issue tracking via your Linear API key
  • Cloudflare — Offline page activation using your Cloudflare API token (if configured)

Each of these services has their own privacy policies and terms. We are not responsible for how they handle data once it leaves our platform.

Children's Privacy

Our service is not intended for children under 13. We don't knowingly collect personal information from children under 13.

International Users

Our servers are located in the United States, with uptime monitoring nodes in multiple countries. If you're accessing our service from other countries, your information will be transferred to and processed in the US.

Changes to This Policy

We may update this privacy policy from time to time. We'll notify you of significant changes via email or on our website.

Questions about our policies?

We believe in transparency. If anything isn't clear, just ask.

Contact Us