Your data, handled with care.
Last updated: April 2026
What We Collect
When you use CQwerty Shield, we collect: the domain name you submit for scanning, your email address (if provided), your IP address for rate limiting, and payment information processed securely through Stripe. We do not store credit card numbers on our servers.
How We Use Your Data
We use your data to: perform security scans on the domains you submit, deliver scan reports to your email, process payments for Premium reports, send follow-up emails about your scan results (you can unsubscribe at any time), and improve our service.
What We Scan
CQwerty Shield only analyses publicly available information about your domain. This includes DNS records, SSL/TLS certificates, HTTP security headers, WHOIS registration data, and known breach databases. We do not access your servers, internal networks, or any private data.
Data Storage
Your scan results are stored on servers located in Australia. Reports are retained for 90 days for free scans and indefinitely for Premium reports. You can request deletion of your data at any time by contacting support@cqwerty.com.
Third-Party Services
We use the following third-party services: Stripe for payment processing, Resend for email delivery, Vercel for frontend hosting, and OpenAI for AI-powered analysis. Each service has its own privacy policy governing your data.
Cookies
CQwerty Shield uses minimal cookies. We store an authentication token in your browser local storage to keep you signed in. We do not use third-party tracking cookies or advertising pixels.
Email Communications
If you provide your email address, we may send you: your scan report, follow-up emails about your security findings (Day 3, 7, and 14 after your scan), monthly monitoring reports if you have subscribed, and important service updates. You can unsubscribe from all non-essential emails at any time using the unsubscribe link in each email.
Data Security
We protect your data using industry-standard measures including encrypted connections (TLS), secure password hashing (bcrypt), and restricted database access. Payment processing is handled entirely by Stripe and we never see or store your card details.
Your Rights
You have the right to: access the data we hold about you, request correction of inaccurate data, request deletion of your data, withdraw consent for email communications, and export your scan history. Contact support@cqwerty.com for any data requests.
Changes
We may update this privacy policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance.
Contact
For privacy-related questions or data requests, contact us at support@cqwerty.com. CQwerty Shield is operated from Melbourne, Australia.