SecurityMetrics, Inc. is aware of the privacy concerns of its customers. Our policy for collecting and using personal information is detailed below.


SecurityMetrics' policy in relation to information collected through registration, testing, and/or any other means is to respect and protect the privacy and confidentiality of our users. SecurityMetrics does not disclose, rent, or sell email addresses, security test results, or any other information that we may receive to any third party, unless:

  • Specifically requested by the customer;
  • Requested or required by applicable credit card associations, or credit card processors with which SecurityMetrics has a contractual agreement;
  • In response to duly authorized information requests of governmental authorities or where required by law;
  • In connection with any legal proceedings where disclosure of such data has been requested or required; or
  • To an agent of SecurityMetrics acting on behalf of SecurityMetrics (e.g., for database hosting, data processing or mailing services). In this case, SecurityMetrics will make certain that the agent complies with the Safe Harbor Privacy Principles (as defined below) and our commitments in this policy.

SecurityMetrics may use the information and data submitted by users and customers for any other purposes related to SecurityMetrics' business that are compatible with the purposes for which your information was collected by SecurityMetrics, including, but not limited to, conducting market research, improving its products and services, sending surveys, and notifying customers of product upgrades and updates, new products, special offers, seminars and conventions and any other changes within SecurityMetrics that may affect customers and users.

SecurityMetrics believes in protecting your privacy. When we collect personal information from you on our website, we comply with the U.S.-EU Safe Harbor Framework and U.S.-Swiss Safe Harbor Framework regarding the collection, use and retention of personal data from the European Union and the Safe Harbor Privacy Principles published by the U.S. Department of Commerce (the "Safe Harbor Privacy Principles"). For more information about the Safe Harbor Privacy Principles, please visit the U.S. Department of Commerce's Website at These are our promises to you:

  • We'll collect only as much personal information as we need for specific, identified purposes, and we won't use it for other purposes without obtaining your consent.
  • We'll keep your personal information only as long as we need it for the purposes for which we collected it, or as permitted by law.
  • We'll take appropriate steps to make sure the personal information in our records is accurate.
  • We'll provide ways for you to access your personal information, as required by law, so you can correct inaccuracies.
  • We'll take appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
  • Except as described in this policy, we won't share your personal information with third parties without your consent.
  • If we transfer your personal information to another country, we'll take appropriate measures to protect your privacy and the personal information we transfer.
  • We'll regularly review how we're meeting these privacy promises, and we'll provide an independent way to resolve complaints about our privacy practices. If a complaint or dispute cannot be resolved through our internal process, we agree to participate in the dispute resolution procedures of the panel established by the European Data Protection Authorities to resolve.


This privacy policy may be amended from time to time consistent with the requirements of the Safe Harbor Privacy Principles. We will post any revised policy on this website.






  1. {{e2.content}}


  2. {{e2.content}}

    1. {{e3.content}}
      1. {{e4.content}}
    • {{e3.content}}
  • {{e2.content}}
    • {{ e3.content }}

Scanning Abuse

SecurityMetrics, Inc., is a PCI Approved Scanning Vendor under certificate number 3707-01-08 and performs security assessment scans within the guidelines of the PCI data security initiative.


It is important to allow SecurityMetrics security scanners to have the same level of network access to your Internet-connected devices that you provide to the rest of the world under normal circumstances. Users of SecurityMetrics scanning services are encouraged to add rules to their firewalls and inform their ISPs or hosting providers that security assessment scans may originate from the scanning locations listed in the table below. Ensuring that traffic from SecurityMetrics scanners does not get blocked ensures maximum accuracy of the security assessments, which leads to better security. If you have any questions, please contact SecurityMetrics Technical Support.

SecurityMetrics Scanners


Users of SecurityMetrics scanning services are required to consent to abiding by the Terms of Use before purchasing scanning services from SecurityMetrics. SecurityMetrics takes reports of abuse very seriously and works with ISPs, hosting providers, and other organizations to ensure that any abuse is dealt with in a timely and appropriate manner.


Do you believe some form of SecurityMetrics scanning service abuse is occurring?
Please email us (

We are excited to work with you.


Thank you!

Your request has been submitted.