Legal

Privacy Policy

How Kosmonel collects, uses, retains, and protects information across monitoring, accounts, and integrations.

1. Information We Collect

1.1 Account Information

When you register for an account, we may collect:

  • Full name
  • Email address
  • Password (stored in encrypted/hashed form only)
  • Account type (individual or business)
  • Organization/company information
  • Login timestamps
  • Billing-related information (if applicable)

1.2 Monitored Website Information

When you add websites or domains to the Service, we may collect:

  • Domain names
  • Website URLs
  • SSL/TLS certificate metadata
  • DNS records
  • Security headers
  • Publicly accessible configuration files
  • Public exposure findings
  • Monitoring configurations
  • Website availability and response metrics

We only analyze publicly accessible assets and information necessary to provide the Service.

1.3 Technical & Usage Information

We may automatically collect:

  • IP addresses
  • Browser type
  • Device information
  • Operating system
  • Usage analytics
  • Session data
  • Access timestamps
  • Error logs

1.4 Cookies & Similar Technologies

We may use cookies and similar technologies for:

  • Authentication
  • Session management
  • Security
  • Performance optimization
  • Analytics
  • User preferences

You may disable cookies through your browser settings, though some features may not function properly.

2. How We Use Information

We use collected information to:

  • Provide and operate the Service
  • Monitor websites and domains
  • Generate alerts and reports
  • Improve platform functionality
  • Secure user accounts
  • Prevent abuse and unauthorized access
  • Provide customer support
  • Process payments and subscriptions
  • Comply with legal obligations

3. Security Monitoring & Scanning

Kosmonel performs automated monitoring and security analysis on domains and websites added by users.

This may include:

  • Uptime checks
  • SSL/TLS analysis
  • DNS security checks
  • Security header analysis
  • Sensitive exposure detection
  • Public attack surface analysis

Users are responsible for ensuring they have authorization to monitor and analyze the websites and domains they add to the platform.

4. Data Retention

We retain data only for as long as necessary to provide the Service and fulfill legitimate business purposes.

Retention periods may vary depending on:

  • Monitoring type
  • Subscription plan
  • Operational requirements
  • Legal obligations

Certain telemetry and monitoring logs may be automatically deleted after predefined retention periods.

5. Data Sharing & Disclosure

We do not sell personal information.

We may share information only in the following circumstances:

5.1 Service Providers

We may share data with trusted third-party providers that help operate the Service, including:

  • Cloud hosting providers
  • Payment processors
  • Email delivery services
  • Analytics providers

5.2 Legal Requirements

We may disclose information if required to:

  • Comply with applicable laws
  • Respond to lawful requests
  • Protect rights and security
  • Prevent fraud or abuse

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, information may be transferred as part of the transaction.

6. Data Security

We implement commercially reasonable technical and organizational safeguards designed to protect information, including:

  • Encrypted connections (HTTPS/TLS)
  • Password hashing
  • Access controls
  • Authentication protections
  • Monitoring and logging
  • Infrastructure security measures

However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

7. User Responsibilities

Users agree:

  • To monitor only assets they own or are authorized to assess
  • Not to misuse the Service for unauthorized activities
  • Not to conduct illegal or harmful actions through the platform

Users are solely responsible for the targets and domains they add to the Service.

8. Third-Party Services

The Service may integrate with third-party platforms such as:

  • Slack
  • Discord
  • Telegram
  • Email providers

Use of such integrations may be subject to the privacy policies and terms of those third parties.

9. International Data Transfers

Your information may be processed and stored in countries other than your own. By using the Service, you consent to such transfers where permitted by applicable law.

10. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your data
  • Correct inaccurate information
  • Request deletion of data
  • Object to certain processing
  • Request data portability
  • Withdraw consent where applicable

Requests may be submitted through the contact information provided below.

11. Children's Privacy

The Service is not intended for individuals under the age of 18.

We do not knowingly collect personal information from children.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

Updated versions will be posted on this page with a revised “Last Updated” date.

Continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions regarding this Privacy Policy or data practices, contact:

Email: [email protected]

Company: Kosmonel

Website: https://kosmonel.com

14. Disclaimer

The Service provides automated monitoring and informational security insights only.

We do not guarantee:

  • Prevention of cyber attacks
  • Detection of all vulnerabilities
  • Continuous uninterrupted availability
  • Regulatory compliance outcomes

Users remain responsible for their own infrastructure security, operational decisions, and remediation actions.