VULNORA PRIVACY POLICY
Last updated: May 30, 2026 | Effective immediately
Vulnora is a defensive security auditing platform. We help you find and fix vulnerabilities in your own websites and applications. We do not hack, exploit, or collect your personal data beyond what is necessary to provide the service.
- ✅ We only scan websites YOU authorize and confirm ownership of
- ✅ We do NOT use AI or machine learning to process your data
- ✅ We do NOT store your credentials, passwords, or tokens
- ✅ Your scan data is yours — we don't sell, share, or monetize it
- ✅ All payments are processed by Cashfree (PCI-DSS compliant)
- ✅ Refunds available within 7 days — email vulnora9@gmail.com with your order ID
- ✅ Cancellation available anytime — plan stays active until billing period ends
- ✅ For any queries, contact vulnora9@gmail.com
Vulnora is a defensive security auditing platform for authorized vulnerability assessment. We scan websites, web applications, APIs, and software projects to identify security weaknesses.
We do not hack anything. All scans are read-only analysis operations that do not modify any data on the target system. Every scan requires explicit ownership confirmation.
Our platform provides 60+ security checks including: security headers, SSL/TLS validation, SQL injection detection, XSS testing, CSRF verification, API security auditing, sensitive file exposure, subdomain takeover detection, and more.
Vulnora does NOT use artificial intelligence, machine learning, or any AI-based services. Every security check is performed by our custom-built, deterministic scanner scripts following OWASP Top 10 and SANS CWE Top 25 methodologies.
- Your data is NEVER sent to OpenAI, Google, or any AI provider
- No machine learning models are trained on your data
- All detection is rule-based and deterministic
- Every finding has a clear technical explanation
| DATA | PURPOSE | STORED? |
|---|---|---|
| Email address | Account & notifications | Yes |
| Website URL | Target for scanning | Yes |
| Scan results | Show vulnerabilities | Yes |
| Phone number | Payment processing | Cashfree only |
| Passwords | — | NEVER |
| Card/UPI details | — | NEVER (Cashfree handles) |
- Encryption in transit: HTTPS/TLS 1.3 for all communication
- Encryption at rest: Supabase with AES-256 encryption
- Access control: Row Level Security — only you see your data
- No third-party sharing: Data never sold or transferred
- No tracking: No Google Analytics, no Facebook Pixel, no ads
- Serverless: Data exists only during execution and in your storage
Payment Processor: All payments are processed securely by Cashfree Payments (PCI-DSS Level 1 compliant). Vulnora does NOT store, process, or have access to your credit/debit card numbers, CVV, UPI IDs, or bank account details at any time.
💳 PAYMENT SECURITY
- We accept: Credit Cards (Visa, Mastercard, RuPay, Amex), Debit Cards, UPI, Net Banking, and International Cards
- All card transactions use 256-bit SSL encryption on Cashfree's PCI-DSS Level 1 certified servers
- Your card number, expiry, and CVV are entered ONLY on Cashfree's secure hosted checkout — never on Vulnora's servers
- We only receive: payment confirmation status, order ID, and transaction amount from Cashfree
- We NEVER see, store, or log your full card number, CVV, or banking credentials
✅ REFUND POLICY
Vulnora offers refunds in the following cases:
- Within 7 days of purchase — Full refund if fewer than 5 scans have been used
- Duplicate payment — Full refund for accidental duplicate charges
- Platform error — Full refund if subscription was not activated due to a technical failure on our end
- Yearly plans — Pro-rated refund for unused months upon request
To request a refund, email vulnora9@gmail.com with your order ID within 7 days. Refunds are processed within 5–7 business days to the original payment method.
✅ CANCELLATION POLICY
You may cancel your subscription at any time by contacting vulnora9@gmail.com. Your plan remains active until the end of the current billing period. No charges are made after cancellation. There is no auto-renewal — you must manually repurchase to continue.
Subscription Plans:
- Free: Limited scans per month, basic modules only
- Pro (₹499/mo or ₹4,499/yr): Unlimited scans, all modules, 100 API calls, 10 PDF reports, 3 team members
- Enterprise (₹1,999/mo or ₹17,999/yr): Everything unlimited
- Custom (from ₹29/mo): Pick only the modules you need, pay per scan — 30% off on yearly billing
What happens at expiry:
- Account reverts to Free plan automatically
- All premium modules become locked
- Scan history beyond 7 days becomes inaccessible
- Your data is NOT deleted — upgrade again to regain access
Payment issues or disputes: Contact vulnora9@gmail.com
- Scan results stored until you delete them or your account
- Free plan: 7 days history | Pro: 90 days | Enterprise: unlimited
- When you delete a scan, it's permanently gone — no backups
- Right to deletion: delete all data from Settings at any time
- We never analyze your scan results for our own purposes
Vulnora is exclusively for authorized security testing. By using our platform, you confirm you own the target or have written authorization. Unauthorized scanning may violate the Computer Fraud and Abuse Act (CFAA) or equivalent laws.
⚠️ We log scan requests and may cooperate with law enforcement if our platform is used for unauthorized access attempts.
- Session storage: Temporary scan data (cleared on tab close)
- Auth cookie: Secure HttpOnly session cookie for login
- No tracking cookies: No analytics or advertising cookies
- No fingerprinting: No browser fingerprints collected
- Access: View all your scan data from the dashboard
- Deletion: Delete any or all records permanently
- Export: Download results as PDF (Pro/Enterprise)
- Restrict: Choose which scan modules to enable
- Withdraw: Stop using the platform — data will be deleted on request
For any questions about this privacy policy, your data, payments, or account issues: