Privacy Policy

Last updated: January 30, 2026

Introduction

Beyond PCI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PCI compliance scanning and reporting services.

Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address
  • Company name and billing address
  • Payment information (processed securely by our payment provider)

Scan Data

When you use our scanning services, we collect:

  • IP addresses and domains you submit for scanning
  • Vulnerability scan results and reports
  • Self-Assessment Questionnaire (SAQ) responses

Usage Information

We automatically collect certain information about your use of our services, including:

  • Log data (IP address, browser type, access times)
  • Device information
  • Usage patterns and feature interactions

How We Use Your Information

We use the information we collect to:

  • Provide and maintain our scanning and compliance services
  • Generate compliance reports for your use
  • Process payments and manage your subscription
  • Send service-related communications
  • Improve and optimize our services
  • Comply with legal obligations

Data Retention

We retain your scan data and reports for as long as your account is active or as needed to provide you services. Compliance reports are retained for the period required by PCI DSS standards (typically 3 years). You may request deletion of your data at any time, subject to legal retention requirements.

Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication requirements
  • Employee security training

Information Sharing

We do not sell your personal information. We may share information with:

  • Service providers who assist in operating our services
  • Payment processors for billing purposes
  • Legal authorities when required by law

Your Rights

Depending on your location, you may have rights to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of marketing communications

Contact Us

If you have questions about this Privacy Policy, please contact us at:

support@beyondpci.com