EN EN
Login Sign Up

Compliance & Legal Obligations

Our commitment to legal and ethical standards

At Scanitex, we strive for the highest standards of ethics, transparency, and legal compliance. Our mission is to make the internet safer by providing researchers and cybersecurity professionals with tools for monitoring and analyzing attack surfaces (External Attack Surface Management).

Below are our key commitments and policies ensuring the legality and security of platform use.

1. Legality of Port Scanning

Scanitex provides active reconnaissance services for collecting publicly available information. We operate in strict compliance with international cybersecurity standards.

Non-invasive method: Our scanners send standard packets (SYN, HTTP GET, TLS Hello) to check service availability. We do not use exploits, do not attempt password brute-forcing, and do not compromise data integrity on target systems.

Dual-use nature: We acknowledge that our tools can be misused. Therefore, we have implemented a strict Acceptable Use Policy (AUP). Any use of the service for preparing or conducting cyberattacks is strictly prohibited and leads to immediate blocking.

Collaboration: We position ourselves as a research tool, similar to search engines, but for technical devices.

2. AML/KYC Policy and Financial Security

Since Scanitex accepts cryptocurrency payments, we take the prevention of money laundering (AML) and terrorist financing (CFT) seriously.

Transaction monitoring: We use automated systems to analyze incoming transactions (Crypto Transaction Monitoring). Payments from addresses associated with Darknet marketplaces, mixers, or sanctions lists are blocked.

Identification: For corporate plans and access to high-speed scanning, we reserve the right to request identity verification (KYC) of the beneficial account owner.

Sanctions: We strictly comply with US (OFAC), EU, and UN sanctions lists. We do not provide services to citizens and companies from countries under full embargo (Iran, North Korea, etc.).

3. GDPR and Data Privacy

We respect the right to privacy and comply with the General Data Protection Regulation (GDPR).

IP addresses as personal data: We acknowledge that in some jurisdictions, IP addresses may be considered personal data. We process them based on legitimate interest — ensuring internet security and research activities (Recital 49 GDPR).

Right to be forgotten (Opt-Out): We provide network and IP address owners with a mechanism to exclude their infrastructure from our scanning. If you are a network owner and want to prohibit scanning, send a request to abuse@scanitex.com or use the form on the website.

Data storage: User data (logins, scan history) is stored in encrypted form and is not shared with third parties for marketing purposes.

4. Law Enforcement Cooperation

Scanitex is not a haven for cybercriminals.

Logging: We maintain audit trails of user actions, including login IP addresses, task parameters, and payment history, for the legally required period.

Response to requests: We are prepared to cooperate with law enforcement agencies of competent jurisdiction upon receipt of an official, lawful court order or request. We do not respond to informal requests without legal justification.

5. Responsible Disclosure

If during the operation of our scanners we accidentally discover a critical vulnerability or sensitive data leak, we adhere to responsible disclosure principles:

  • We do not publish vulnerability data publicly.
  • We make reasonable efforts to notify the affected resource owner (via WHOIS contacts or security.txt).

6. Abuse Handling Mechanism

We understand that mass scanning may trigger security systems (IDS/IPS).

Identification: All our scanners have configured Reverse DNS records and transmit a special User-Agent containing a link to project information.

Contacts: For prompt resolution of issues related to traffic from our servers, a dedicated support line has been created: abuse@scanitex.com. We guarantee a response and action within 24 hours.