← Back to Legal

Privacy Policy

How we collect, use, and protect your personal information

Effective Date: January 1, 2025

PXL Security LTD ("Buglify.ai", "we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automated penetration testing platform.

1. Information We Collect

1.1 Information You Provide

  • Account information (name, email address, company name)
  • Payment information (processed by our payment provider Stripe)
  • Target URLs and domains for security scanning
  • Support and communication records

1.2 Information We Automatically Collect

  • Usage data (scan history, features used)
  • Device and browser information
  • IP addresses and location data
  • Cookies and similar tracking technologies

2. How We Use Your Information

  • To provide and maintain our penetration testing services
  • To process your payments and manage your account
  • To send you security scan reports and notifications
  • To improve our services and develop new features
  • To communicate with you about updates and support
  • To detect and prevent fraud and security threats
  • To comply with legal obligations

3. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. Specific retention periods:

  • Account data: Deleted within 30 days of account termination
  • Scan reports: Retained for 90 days or until account deletion
  • Audit logs: Retained for 90 days for security purposes
  • Billing records: Retained for 7 years for tax compliance

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service providers (hosting, payment processing, email delivery)
  • dfen.ai (our security infrastructure provider)
  • Law enforcement when required by law
  • Business transferees in case of merger or acquisition

5. Your Rights (GDPR & CCPA)

You have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request deletion of your data
  • Object to processing of your data
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@buglify.ai

6. Security

We implement industry-standard security measures including TLS 1.3 encryption, AES-256 data encryption, secure authentication, and regular security audits. See our Security Page for details.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand how you use our platform
  • Performance Cookies: Monitor system performance and reliability

You can control cookie preferences through your browser settings. Disabling certain cookies may limit platform functionality.

8. International Data Transfers

We primarily process data in the EU (Germany). When data is transferred outside the EU, we ensure adequate protection through:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

9. Children's Privacy

Buglify.ai is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or prominent notice on our platform at least 30 days before taking effect. Continued use after changes constitutes acceptance.

11. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to say no to the sale of personal information (we do not sell data)
  • Right to delete personal information
  • Right to non-discrimination for exercising CCPA rights

To exercise these rights, contact us at privacy@buglify.ai

12. Data Controller and DPO

PXL Security LTD acts as the data controller for personal information processed through Buglify.ai. For questions about data protection, you may contact our Data Protection Officer at:

Email: dpo@buglify.ai

13. Contact Information

PXL Security LTD
blvd Vasil Levski 12
Sofia, Bulgaria
Email: privacy@buglify.ai
Data Protection Officer: dpo@buglify.ai