Legal

Privacy Policy

Last updated: April 24, 2026

1. Who we are

NexusVoid Security ("NexusVoid", "we", "us", "our") operates the VAPT platform at vapt.nexusvoidai.com. This policy explains what personal data we collect when you use our services, why we collect it, and your rights regarding that data.

2. Data we collect

  • Account data: email address, name, and authentication tokens when you create an account.
  • Scan data: target domain/URL, scan results, and security findings generated during a scan you ordered.
  • Payment data: transaction ID and order reference from Razorpay. We do not store card numbers or CVVs.
  • Usage data: pages visited, features used, and error logs collected via PostHog for product analytics.
  • Communications: emails you send us and support tickets.

3. How we use your data

  • To deliver the VAPT service you purchased and generate your security report.
  • To process payments and send transactional emails (receipt, report delivery, scan status).
  • To improve the platform and diagnose technical issues.
  • To comply with legal obligations.

We never sell your personal data to third parties.

4. Data storage and retention

Your data is stored on Supabase (PostgreSQL) hosted in the EU/US, and scan report PDFs are stored on Cloudflare R2 (object storage). We retain account data for as long as your account is active. Scan data and report PDFs are retained for 90 days after scan completion, then deleted unless you request earlier deletion.

5. Third-party processors

ProcessorPurpose
SupabaseAuthentication & database
RazorpayPayment processing
Cloudflare R2PDF report storage
ResendTransactional email
PostHogProduct analytics
VercelPlatform hosting

6. Your rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Export your data in a portable format.
  • Withdraw consent at any time (where processing is consent-based).

To exercise any right, email us at privacy@nexusvoidai.com. We will respond within 30 days.

7. Cookies

We use essential cookies for authentication and session management. Analytics cookies (PostHog) are used to understand platform usage. See our Cookie Policy for details.

8. Changes to this policy

We may update this policy. We will notify you by email or prominent notice on the platform if changes are material. Continued use of the service after changes constitutes acceptance.

9. Contact

Questions about this policy? privacy@nexusvoidai.com