Privacy Policy

Introduction

Welcome to bxss.io. We are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our blind XSS detection platform.

Data Storage and Control

Bring Your Own Database (BYOD): bxss.io operates on a BYOD model using Cloudflare D1. This means:

• All your data is stored in your own Cloudflare D1 database
• We do not have access to your vulnerability data or test results
• You maintain complete control over your data at all times
• You can delete or export your data whenever you choose

Information We Collect

We collect minimal information necessary to provide our services:

• Authentication Data: GitHub account information (username, email) when you sign in
• Usage Data: Basic analytics to improve our service (anonymized)
• Technical Data: IP addresses, browser type, and device information for security purposes

How We Use Your Information

We use the collected information to:

• Provide and maintain our service
• Authenticate your identity
• Improve and optimize our platform
• Detect and prevent security threats
• Comply with legal obligations

Data Security

We implement industry-standard security measures to protect your information:

• End-to-end encryption for data transmission
• Secure authentication via GitHub OAuth
• Regular security audits and updates
• Isolated database instances (BYOD model)

Third-Party Services

We use the following third-party services:

• GitHub: For authentication
• Cloudflare: For infrastructure and database hosting

These services have their own privacy policies, which we encourage you to review.

Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and data
• Export your data
• Opt-out of analytics

Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@bxss.io