← ScanForge

Privacy Policy

Last updated: 2026-03-27

Data Controller

Lindahl Produktion AB is the data controller for ScanForge. We process personal data in accordance with the EU General Data Protection Regulation (GDPR).

Lindahl Produktion AB · org.nr 559123-XXXX
kontakt@lindahl-produktion.eu

Data We Collect

  • Account data: name, email address, hashed password
  • Scan data: target domains, IP addresses, scan findings (pseudonymized before AI processing)
  • Security logs: login attempts, API calls, security events
  • Billing data: subscription plan, payment history (card details processed by Stripe)

Legal Basis

We process your data on the basis of contract performance (Art. 6(1)(b) GDPR) for account and billing data, and legitimate interest (Art. 6(1)(f) GDPR) for security logs.

AI Processing & Pseudonymization

Before scan findings are sent to AI models (Anthropic Claude, Mistral), all identifying information — IP addresses, hostnames, domain names, file paths — is replaced with pseudonyms (e.g. 'HOST_1', 'IP_1'). Mapping tables are stored encrypted (AES-256-GCM) on EU servers. Raw identifiers never leave our infrastructure.

Data Location

All data is processed and stored exclusively on servers in the EU (Hetzner, Frankfurt, Germany). We do not transfer personal data to third countries.

Retention

Account data is retained for the duration of your subscription plus 30 days after cancellation. Scan findings are retained for 12 months. Security logs are retained for 90 days.

Your Rights

Under GDPR, you have the following rights:

  • Right of access — request a copy of your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your data
  • Right to data portability — receive your data in a structured format
  • Right to object — object to processing based on legitimate interest

Cookies

We use only strictly necessary cookies: session authentication, theme preference, and language selection. No tracking or advertising cookies are used.

Contact

For privacy requests or questions, contact our data protection contact at: kontakt@lindahl-produktion.eu