Privacy Policy

Last updated: June 2026

This Privacy Policy explains how RemediAX collects, uses, and protects your information when you use our platform. We are committed to keeping your data secure and being transparent about how it is used.

1. Information We Collect

We collect the following information when you use RemediAX:

• Account information: Your name, email address, and password (stored as a bcrypt hash — never in plaintext)
• Authentication data: One-time passwords (OTPs) used for login and password reset, stored temporarily and deleted immediately after use
• Usage data: Scan configurations, scan results, and generated reports you create within the Platform
• Technical data: IP address, browser type, and access timestamps for security and debugging purposes

2. How We Use Your Information

We use your information to:

• Authenticate your identity and maintain your account
• Deliver scan results, reports, and security recommendations
• Send transactional emails such as verification codes and password resets
• Improve the Platform and fix issues
• Comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for advertising.

3. Data Storage

Your account data is stored in a Neon PostgreSQL serverless database hosted on secure cloud infrastructure. Passwords are hashed using bcrypt with a cost factor of 12 and are never stored or transmitted in plaintext.

4. Email Communications

We use Brevo to send transactional emails (verification codes, password resets). Your email address is shared with Brevo solely for the purpose of delivering these emails. Brevo's privacy policy applies to their processing of your email address.

5. Third-Party Authentication

If you sign in with Google, we receive your name and email address from Google. We store these in your RemediAX account. We do not receive or store your Google password. Google's privacy policy governs their handling of your data.

6. Data Retention

We retain your account data for as long as your account is active. OTP codes are deleted immediately after use or expiry. You may request deletion of your account and associated data at any time by contacting us.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Object to or restrict certain processing
• Data portability

To exercise any of these rights, contact us at nileshvary@gmail.com.

8. Security

We implement industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and short-lived authentication tokens. However, no system is completely secure and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Platform or sending an email to your registered address.

10. Contact

For privacy questions or data requests, contact us at nileshvary@gmail.com.

© 2026 RemediAX. All rights reserved.