Obscure

Data Security
Statement

Last updated: 02/21/2024

Effective date: 02/21/2024

Collecting and tracking activity

In our commitment to maintaining your privacy and data integrity, we have adopted a strict no-cookies policy. Just as we don't rely on third parties like Google or Mailchimp, we do not collect or use cookies on our website and services. This approach is a testament to our respect for your privacy, ensuring that we do not engage in any form of user tracking via cookies.

Storing data

In our approach to data storage and security, we adhere to the highest standards, ensuring that our practices are in line with ISO 27001 standards. This commitment guarantees the security and integrity of the data we store. Additionally, our operations are compliant with SOC 1 and SOC 2 standards, reflecting our dedication to secure management and protection of your data.

To further enhance security, our data processing employs a one-way data stream. This method ensures that the data remains unaltered and safe from tampering during its transmission. Moreover, we maintain an internal database that is strictly isolated, with no external connections. This approach minimizes security risks and helps in safeguarding your information.

We store only the essential information required for our operations. In line with our commitment to your privacy and data security, we ensure that once our service is no longer needed by you, all your information is securely deleted from our systems.

Protecting data

In our commitment to robust security, we ensure that all sensitive data written to disk is encrypted at rest, safeguarding your information even when it's not in active use. Our security infrastructure aligns with top industry standards, including PCI-certified standards, and compliance with SOC 1 and SOC 2 requirements.

For secure data transmission, we employ Secure Socket Layer (SSL) encryption, TLS 1.2 or higher, and adhere to the NIST Cybersecurity Framework. To further bolster account security, we enforce Multi-Factor Authentication (MFA) for accessing our services, adding an essential layer of protection.

We support advanced authentication methods, including Time-Based One-Time Passwords (TOTP) and Universal 2nd Factor (U2F), to enhance security measures. Additionally, our website and services are secured with HTTPS and HTTP Strict Transport Security (HSTS), ensuring all communication is encrypted and secure.

Moreover, we implement Mutual Transport Layer Security (mTLS) for rigorous authentication and data protection, mirroring our commitment to maintaining the highest standards of data security and integrity.

Retaining data

We retain personal data of active customers exclusively for the purpose of active scanning. This data is securely stored and is never displayed publicly. As new data is introduced, it is appended to our storage systems in strict compliance with applicable regulations.

Communication with you

In our communications, we prioritize your security and privacy. To discuss complex removals, we use email confirmations, ensuring that they are sent only for legitimate purposes. We strictly avoid any unsolicited or unauthorized email communications.

Additionally, we handle your personal information with the utmost care, guaranteeing that it is never shared with unauthorized parties. This approach aligns with our commitment to maintaining the confidentiality and integrity of your data.

Data about websites

In our commitment to protecting your personal data, we have a strict policy regarding data sharing. Unlike other services, we do not share any data with privacy researchers, advocates, or regulators, unless we are compelled by legal requirements or have obtained explicit consent from you, our user. This approach ensures that your information remains confidential and is only disclosed in scenarios where it is absolutely necessary and lawful, or when you have directly authorized us to do so.