Legal

Terms of Service

Last updated: 1 June 2026. Please read before using PenScan.

The most important rule

You may only use PenScan to scan systems that you own or have explicit written authorisation to test. Scanning systems without authorisation is illegal in most jurisdictions and will result in immediate account termination and referral to law enforcement.

1. Acceptance

By creating an account or using PenScan, you agree to these Terms of Service and our Privacy Policy. If you do not agree, do not use PenScan. These terms apply to all users of the platform.

2. Authorised use

PenScan is a security testing platform intended for legitimate use only. You agree to:

  • Only scan domains and systems you own or have written authorisation to test.
  • Complete ownership verification (DNS TXT record) before running any scan.
  • Acknowledge the legal disclaimer displayed before each scan.
  • Use PenScan findings responsibly and in accordance with applicable law.

Prohibited uses include: scanning systems without authorisation, using PenScan to facilitate attacks on third parties, circumventing ownership verification, reverse engineering the platform, or sharing account credentials.

3. Credits & billing

Credits are purchased in advance and deducted per scan. Credits do not expire. All purchases are final — we do not offer refunds on credits once purchased, except where required by applicable law. Payment is processed by Razorpay. All prices are in USD.

4. Accounts

You are responsible for maintaining the security of your account credentials. You must notify us immediately at hello@penscan.org if you suspect unauthorised access. One person may not share an account with multiple individuals — each user must have their own account.

5. Termination

We may suspend or terminate your account immediately if we determine you have violated these terms, particularly the authorised use requirements. You may close your account at any time by contacting support. Upon termination, your scan data will be deleted within 30 days.

6. Service availability

We aim for high availability but do not guarantee uninterrupted service. We may perform maintenance that causes temporary downtime. We are not liable for losses resulting from service interruptions. Scan credits are not refunded for downtime-related scan failures — credits are only consumed for completed scans.

7. Liability limitation

PenScan is provided "as is". We do not warrant that scans are complete or error-free. Security scanning is inherently probabilistic — we may not detect all vulnerabilities. You are responsible for your own security posture. Our liability is limited to the amount you paid for credits in the 3 months preceding any claim.

8. Intellectual property

PenScan and all associated trademarks, software, and content remain the property of PenScan. You retain ownership of your scan data and results. You grant us a limited licence to process your data solely to provide the service.

9. Changes to terms

We may update these terms. We will notify registered users by email at least 14 days before material changes take effect. Continued use after that date constitutes acceptance. The current version is always available at penscan.org/terms.

10. Contact

Questions about these terms: hello@penscan.org. Legal matters may also be addressed to the same email marked "Legal".