SPNT
Book a Demo
Back to Trust Center

Privacy Policy

Last updated: January 2025

1. Introduction

SPNT DOO ("SPNT", "Serpentine", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

2. Data Controller

SPNT DOO, headquartered in Skopje, North Macedonia, is the data controller for the personal data we process.

3. Information We Collect

Information You Provide

  • Account information (name, email, company)
  • Contact form submissions
  • Payment information (processed by Stripe)
  • Support communications

Information We Collect Automatically

  • Usage data (features used, scan configurations)
  • Log data (IP addresses, browser type, timestamps)
  • Device information

Security Scan Data

When you use our scanning services, we process data about your assets, vulnerabilities discovered, and remediation status. This data is processed solely to provide our services and is never shared with third parties or used for training AI models.

4. How We Use Your Information

  • Provide and maintain our services
  • Process transactions and send related information
  • Send technical notices, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Develop new products, services, and features
  • Comply with legal obligations

5. Data Storage and Transfer

All customer data is stored and processed exclusively within the European Union. Our primary data center is located in Frankfurt, Germany, with backup in Amsterdam, Netherlands.

We do not transfer personal data outside the European Economic Area (EEA) unless required by law and with appropriate safeguards in place.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide you services. Upon account deletion, we delete or anonymize your data within 30 days, except where retention is required by law.

7. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict processing of your data
  • Data portability
  • Object to processing
  • Withdraw consent at any time

To exercise these rights, contact us at privacy@spnt.io.

8. Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption at rest (AES-256)
  • Encryption in transit (TLS 1.3)
  • Access controls and audit logging
  • Regular security assessments

9. AI and Automated Processing

Some of our services use AI-assisted analysis. Customer data is never used to train AI models. All AI processing occurs within our EU infrastructure. You may opt out of AI-assisted features through your account settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at: