Skip to main content
Back to Home

Privacy Policy

Last updated: 6/5/2026

This Privacy Policy explains how DarkWebSonar, LLC (“DarkWebSonar,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you visit our websites, use our web applications, or otherwise interact with us, collectively, the “Services”.

If you do not agree with this Policy, please do not use the Services. Capitalized terms not defined here have the meanings set out in our Terms of Use.

1) Who we are & how to contact us

Controller. For the activities described in this Policy, DarkWebSonar, LLC is the data controller (except where we process Customer Data on behalf of a customer, in which case we act as processor—see Section 6).

Contact. support@darkwebsonar.io
Postal: DarkWebSonar, LLC, Attn: Privacy, [Insert Address]
EU/UK inquiries: If required, we will appoint an EU/UK representative and update this Policy with their details.

2) What we collect

We collect information in the following categories:

  • Account & Profile Data: name, email, password hash, role, organization, billing contact, support communications.
  • Usage & Device Data: pages viewed, links clicked, feature usage, timestamps, IP address, device/browser type, language, referrer/UTM data.
  • Transaction Data: plan purchased, payment method (tokenized), billing address, last 4 digits (from our payment processor), invoices, refunds.
  • Support & Feedback: tickets, chat messages, support form submissions, and survey responses.
  • Marketing Data: email preferences, campaign engagement, preferences.
  • Customer Data (SaaS): information you or your users submit into the platform (e.g., monitored domains/assets, alert rules). We process this as a processor—see Section 6.

We do not knowingly collect sensitive categories (e.g., health data) through the website.

Sources

  • Directly from you (forms, account creation, support).
  • Automatically via cookies, SDKs, and similar tech (see Section 8).
  • From third parties (partners, payment processors, analytics, or if an organization adds you as a user).

3) Why we use your information (purposes & legal bases)

We use personal information for:

  1. Provide and secure the Services (create accounts, authenticate, prevent fraud, secure infrastructure).
    • Legal bases: Contract, Legitimate interests, Legal obligation.
  2. Product analytics and improvement (measure feature adoption, fix bugs, improve UX).
    • Legal bases: Legitimate interests or Consent (where required for non-essential cookies).
  3. Customer support and communications (respond to requests, provide notices about changes).
    • Legal bases: Contract, Legitimate interests.
  4. Billing and account management (process payments, prevent chargebacks, send invoices).
    • Legal bases: Contract, Legal obligation, Legitimate interests.
  5. Marketing (send product updates, newsletters, or promotions if you opt in; measure campaign performance).
    • Legal bases: Consent where required; Legitimate interests otherwise. You can opt out anytime.
  6. Compliance (enforce Terms, comply with law, protect rights/security).
    • Legal bases: Legal obligation, Legitimate interests.

4) Sharing & disclosure

We do not sell personal information. We share it with:

  • Service providers / processors: hosting, authentication and database (e.g., Supabase), payment processing (e.g., Polar, Stripe), analytics and product telemetry (e.g., PostHog, Google Tag Manager/Analytics), email delivery (e.g., Resend, SendGrid, SES), logging/monitoring, and content delivery networks.
  • Professional advisors: auditors, accountants, lawyers.
  • Change of control: in a merger, acquisition, or asset sale, data may transfer subject to this Policy.
  • Legal & safety: to comply with law or protect rights, safety, and security (see Terms).

We require recipients to protect personal information and use it only for our instructions and the purposes described here.

5) Retention

We retain personal information only as long as necessary for the purposes above, including to meet legal, accounting, or reporting requirements. Criteria include the nature of the data, the risk of harm from unauthorized use, and whether we need it to maintain and improve the Services. We also keep limited backups and logs for security and continuity.

You can request deletion (see Section 10). Some data (e.g., invoices, fraud logs) may be retained as required by law.

6) Customer Data (processor role) & Data Processing Addendum

When an organization uses our SaaS, they control what Customer Data is submitted to the platform (e.g., monitored domains/assets, alerts, users). For Customer Data:

  • The customer is the controller.
  • DarkWebSonar is the processor and processes Customer Data only pursuant to the customer’s instructions, our Terms, and any Data Processing Addendum (“DPA”).
  • We do not use Customer Data for advertising or cross-customer profiling.

If your organization requires a DPA, contact us at support@darkwebsonar.io.

7) International transfers

We operate globally and may transfer personal information to countries other than your own (including the United States). Where required, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms. Copies of applicable safeguards can be requested at the contact above.

8) Cookies, SDKs & similar technologies

We use cookies, local storage, and similar technologies to run the website and understand product usage.

  • Strictly necessary (no consent required): session/auth cookies, security cookies, load balancing.
  • Analytics & product telemetry (consent where required): PostHog (product analytics, feature flags, session replays), Google Tag (site analytics, tag loading), Ahrefs (traffic analytics), Microsoft Clarity (if enabled), and internal diagnostics.
  • Support: Support form submissions are processed via our support system and sent via email.
  • Payments: Polar and Stripe (checkout, subscription billing, fraud prevention).
  • CDN & assets: images and fonts may load from cdn.darkwebsonar.io, Pexels, Google Fonts.

Managing cookies

Where required by law (e.g., EU/UK), we obtain consent before setting non‑essential cookies. You can change preferences anytime via the cookie settings link in the footer. You may also set your browser to block or delete cookies; some features may not work without them.

9) Security

We implement reasonable and appropriate technical and organizational measures to protect personal information, including encryption in transit, access controls, monitoring, and vulnerability management. No method of transmission or storage is 100% secure; you use the Services at your own risk.

10) Your rights

Depending on your location, you may have the following rights (subject to limits under applicable law):

  • Access: request a copy of your personal information.
  • Correction: ask us to correct inaccurate or incomplete data.
  • Deletion: request deletion of your personal information.
  • Portability: receive data in a structured, commonly used format.
  • Restriction / objection: restrict or object to certain processing, including marketing.
  • Consent withdrawal: withdraw your consent at any time (does not affect prior processing).

EU/UK: You also have the right to lodge a complaint with your local supervisory authority.
California (CPRA): You have rights to know, delete, correct, and opt out of the sale/share of personal information and targeted advertising. We do not “sell” personal information as those terms are defined, and we honor global privacy control (GPC) signals where applicable.

To exercise rights, email support@darkwebsonar.io. We may need to verify your identity and, if you are an agent, your authorization.

11) Children’s privacy

Our Services are not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will take appropriate steps to delete it.

12) Third‑party links

Our Services may contain links to third‑party websites or services. We are not responsible for their privacy practices. Review their policies before providing personal information.

13) Changes to this Policy

We may update this Policy from time to time. If changes are material, we will notify you (e.g., via the website or email). Your continued use after the effective date means you accept the changes.

14) How to contact us

Questions or requests about this Policy: support@darkwebsonar.io.

If you have any questions about this Privacy Policy, please contact us at support@darkwebsonar.io

We use cookies to improve your experience

Help us understand how visitors interact with our website by collecting anonymous information (Google Analytics, Ahrefs, PostHog).