Privacy Policy

Last updated: May 2018

This privacy policy (the “Privacy Policy”) is an integral part of the terms of use for VulnOS Service. This Privacy policy describes how we collect, handle, transfer and disclose your personal information gathered by the use of our services through the following websites:,,,, and The data controller of the website is I.D Cyber Solutions, Ltd., No. 515447068 (“VulnOS”) which is the entity which decides how your personal information is processed and for the purposes as detailed in the Privacy Policy. The processing and collection of personal data is governed by the Israeli Privacy Protection Data Security Regulations (the “PPDS”) and by the General Data Protection Regulation (the “GDPR”) and detailed the choices available to you regarding our use of your personal information and how you can access, update, rectify, withdraw, and portable this information. By using our website or services you expressly consent our practices as described in this Privacy Policy.


If you have any inquiries about this Privacy Policy or how we process your personal data you may contact us using the information below:
I.D Cyber Solutions Ltd
Registered Number: 55597786
40 Sderot Ha’asmaoot St.
Bat Yam
DPO Email:
Our customer may submit inquires about privacy and security matters using our online chat support or by email directly to I.D Cyber Solutions Data Privacy Officer.


During the use of our services, we collects and process your personal data in different ways and for different purposes as described.

  • Information you provide directly to usWhen you register (create an account) on our Service, you will be ask for basic information in order to access to our products, authenticate and prevent fraudulent actions on our systems. This may include, but not limited to, your first and last name, and email address. We will also collect basic chat information and billing related information such as PayPal email address, amount, currency, time and date of the payment, and subscription plan type.
  • Information we collect while using our servicesWhen you use the Service and its software, we automatically collect cretian information to improve our services. The following data are automatically may logged: The IP (internet protocol) address of your device, browser information such as browser type, type of operating system and browser version, data and time stamps associated with your scans and activity using our services, system configuration information, application logs (including crash reports ans syslog), and other relevant machine data.
  • Information we collect from other sourcesWe may obtain information from third-party and other sources other than the service, such as third-party security providers and online databases in connection with our research about recent activities, active or historic threats, vulnerabilities, and published security risks online. This may include data such as vulnerable plugins or themes, new attack vectors, bypass techniques, or malicious payloads that are associated with security risks (for example, known vulnerable plugins or core file that lead to WordPress compromise) and we use this information in order to improve detection engines for better service for you. Any other geathred personal information from other sources through the service, we will shall it accordance with this Privacy Policy.


Any information we collect from you may be used for the following purposes:

  • To personalize your experience and provide better respond to your individual needs;
  • To secure your login for you in the VulnOS my console and our APIs (,;
  • Improving our service by monitoring your service usage and protect you against any fraudulent or unlawful use in your service account;
  • To deliver account information data to your e-mail including your personal or clients vulnerability reports, advices on best practices, notifications about your account and service usage, support via email and chat, software updates, billing, or any other aspect of legal requirement (such as dispute resolution);
  • Send you marketing news (if accepted in your account settings) related to product or service;
  • Improve and enrich existing services and content;
  • Modify and/or remove existing services and content;
  • Enforce the our Terms;
  • For data security;
  • Analysis of data on the users of the website;
  • For statistical analyses, (which do not identify the user personally)
  • Any other purpose detailed in the Terms and this Privacy Policy.

If at any time you would like to unsubscribe from receiving a future e-mail regarding your account, you may click on “Unsubscribe” like in the email body sent to you, or you can cancel your account by clicking “Remove account” in “my account” section.

Our legal basis:

  • Processing this information as it is necessary in order for use our product or service
  • The processed information it is necessary for our legitimate interest of developing the the service
  • In order to meet legal requirements such as accounting purposes

If the processing based on your consent, you may at any time withdraw you consent by contact us or by update your consent preferences in your personal account in the service. Please note that if you object to provide required personal data (i.e., e-mail address) it will not allow us to deliver our service.


VulnOS is in compliance with the requirements of Children’s Online Privacy Protection Act (COPPA). We don’t knowingly collect any personal information from anyone under the age of 18. If a parents and legal guardians aware that his or her child has provide us with personal information without their consent, he or she should contact us at DPO email to stop the process and delete such information immediately.


At any scan of your or your clients websites, our services will produce dynamic report contain information based on the current found vulnerabilities. A report may contains personal information if our service access during the security test. VulnOS shall act as data processor and thus not a data controller. The reports are saved as long your website scan is exist in your account, you may contact technical support at anytime to remove your website including report data.


Please refreer to our cookie policy at for more updated information about cookies we use and their purposes.


As a security company, we take the reasonable and appropriate technical, physical and organizational measures to maintain the safety of your personal data against any accidental, unauthorized or unlawful use, destruction, loss, alteration, disclosure or access the information we process.


If you have an active account (paid or not-paid account) in our service, we will retain your information as long as your account is active. If you wish to cancel your account or request that we no longer use your information to provide our service, contact us or navigate to your my account and click “Delete account” button to deactivate your account and remove your data.

Notwithstanding the above, we may keep certain personal information for longer periods as necessary for legitimate business reasons, including as needed to comply with our legal obligations, to resolve disputes, and claims that may arise due to the performance of our services. If so, we will not use your information for any other purposes.


Under the GDPR and subject to different exemptions, You have the following rights:

  • Access, and rectify your information – If you wish to correct or delete personal information if its unaccurate or if is no longer for our service, you can making the change within ‘my profile’ section of your account at any time. In some case, we may retain copies of your personal information if required by law
  • To erase your personal information – You may at any time erase all your personal information and account data (i.e,. account preferences, and security reports) without undue delay by navigate to ‘my profile’ and click on the ‘Delete account’ button. From security reasons and privacy, this operation is irreversible
  • Restriction of personal information – You may at any time object the processing of personal data, some personal information are required to provide to you some of the basic features and functionality (such as secure your login and identify you in our services)
  • Portability of your information – You may ask for a copy of the personal information that we have stored about you be sending a request to us using your service account or by contact us

No fees are required for exercising any of the above rights. However and subject to the GDPR, we may charge you a reasonable fee including administration fees if your request is repetitive or excessive or demands the our bear excessive and/or expensive efforts. To exercise your rights, please contact the Data Protection Officer at the following contact us at DPO e-mail.


We may use the creation of trusted third-party companies or sub-processors to help us operate our service, analyze, and improve of our service. VulnOS does not sell, trade or otherwise transfer to outside parties any personally identifiable information. These trusted parties may be situated in countries outside of the EU/EEA, are have access to personally identifiable information on the need for the performing of their task basis and will be contractually obliged to keep your information confidential, for the purpose of performing these tasks on VulnOS’s behalf and under obligations equivalent to those in this Privacy Policy. We may share information to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety. In such case, we will only release specific data mandated by the relevant legal demand. Furthermore, non-personally identifiable or anonymous visitor information may be provided to other parties for marketing, advertising, or other uses.


We may include or offer third-party products or services on our website and exported reports whose privacy practices may differ from those of VulnOS. We therefore have no responsibility or liability for the content and activities of these linked websites, please be advised that your Information will be solely governed by their privacy statements. We encourages you to carefully read the privacy statement of any website you visit before providing your information.


We may revise our privacy policy to reflect the change to our information practices under any applicable law. If we make any change about how we use and process your personal information we will take steps to notify you by the registered email in your account. We encourage you to periodically review this page regularly. If you continue to use our service after new revision has become effective, you agree to be bound by the revised privacy policy. If you do not agree to the new privacy policy, you should immediately stop using the service.