By using Endolum Sentinel ("the Service"), you agree to the following terms.
Authorized Use. The Service is designed to scan IP addresses and networks that you own or are explicitly authorized to test. For the free tier, the Service automatically detects your public IP address from your connection and only scans that address. You confirm that you are the owner or authorized operator of the network behind the detected IP address.
Credential Testing. The scan includes testing detected services for default and weak credentials using common password lists. By initiating a scan, you explicitly authorize this testing. The Service stops at the first successful credential match per service and does not access the service further.
Prohibited Use. You may not use the Service to scan, test, or assess infrastructure that you do not own or are not authorized to test. Attempting to circumvent IP verification, rate limiting, or other technical controls is prohibited. Violation of these terms may result in service termination and referral to law enforcement.
Limitation of Liability. The Service is provided as is, without warranty. Endolum is not liable for any damages arising from the use of the Service, including but not limited to data loss, service interruption, or reliance on scan results. Scan results are informational and do not constitute a professional security audit.
Business Accounts. Business customers operate under a separate service agreement provided upon account activation. Business accounts are activated manually after payment processing.
Data We Collect. When you use the free scan, we collect: your IP address (from the connection), your email address (for report delivery), user agent string, and the scan results. For business accounts, we additionally collect: company name, contact name, and account credentials.
How We Use Data. IP addresses are used solely to perform the requested vulnerability scan and verify residential ISP ownership. Email addresses are used to deliver scan reports. We do not use your data for marketing or share it with third parties.
Data Retention. Free tier scan data (results, IP address) is permanently deleted 24 hours after the scan completes. Email addresses are retained for report delivery only and can be deleted on request. Business tier data is retained for the duration of the subscription. Consent records are retained for legal compliance purposes.
Data Security. All data is encrypted in transit (TLS). Database backups are encrypted. Access to production systems is restricted to authorized personnel.
Your Rights. You may request deletion of your data at any time by contacting sentinel@endolum.io. We will process your request within 30 days.
The following activities are prohibited:
Violations will result in immediate service termination. Serious violations may be reported to law enforcement.
Questions about these terms? Contact sentinel@endolum.io