Last updated: March 2026
Adminor AB (org.nr 556227-6351), Bromma, Sweden is the data controller for personal data processed through pentesting.se. Contact: [email protected].
We collect your email address and name when you create an account. When you add scan targets, we store hostnames and scan results. We also collect technical logs (IP addresses, timestamps) for security and operational purposes. We do not use cookies for tracking — only a session cookie for authentication.
We process personal data to provide the security scanning service (contractual necessity), to send scan reports and service communications (legitimate interest), and to comply with Swedish law (legal obligation). We do not sell or share personal data with third parties for marketing purposes.
All data is stored on servers located in Sweden operated by Adminor AB. No personal data is transferred outside the EU/EEA. Scan results, findings, and reports are stored on Swedish infrastructure. Backups are encrypted and retained for 90 days.
Account data is retained for the duration of your account plus 12 months after deletion. Scan results and findings are retained for 24 months. Technical logs are retained for 90 days. You may request deletion of your data at any time by contacting us.
You have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. To exercise these rights, contact [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).
We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (TLS), access controls, and regular security audits. Authentication is passwordless via time-limited email tokens.
We may update this policy from time to time. Material changes will be communicated via email to registered users. The latest version is always available at this page.