Privacy & Safety
How Unveil handles data and what our safety principles are.
Safe Scanning
Our scanning engine operates under strict safety guidelines. We believe that transparency analysis should never put targets at risk or cross ethical boundaries. Every scan is designed to mimic normal browser behavior without any malicious intent.
What We Access
Unveil only accesses publicly available information:
- Public HTML, CSS, and JavaScript files
- HTTP response headers
- Publicly accessible API endpoints
- TLS/SSL certificate information
- DNS records (public)
- Content that any unauthenticated visitor could see
What We Don't Do
No Authentication Bypass
We never attempt to bypass login screens, access protected content, or exploit authentication vulnerabilities.
No Vulnerability Exploitation
We don't probe for security vulnerabilities, attempt SQL injection, XSS, or any other attack vectors.
No Data Extraction
We don't scrape user data, personal information, or proprietary content beyond what's needed for analysis.
No Service Disruption
We don't perform actions that could disrupt services, such as excessive requests or denial-of-service patterns.
Data Handling
Scan Data
Scan results are generated in real-time and not permanently stored on our servers. In v0.1 (current phase), all scanning is simulated with mock data.
No Third-Party Sharing
We do not sell, share, or distribute scan data to third parties for any commercial purpose.
User Privacy
We don't require account creation in v0.1. No personal information is collected from users performing scans.
Your Privacy
As a user of Unveil, your privacy is protected:
- No account required for scanning
- No tracking cookies beyond basic analytics
- No personal data collection
- URLs you scan are not logged or shared
- Results are displayed only to you