Audit policy

This policy covers the sovereignty audit tool: what we scan, what we store, how long we keep it, and how shared audit links work.

What we scan

Public surfaces only: the home page and a small set of linked pages, public DNS records, public RIPE database entries, the TLS certificate, and publicly listed subprocessors. We do not log into any service or scan anything that requires authentication.

What we store

The audit result, the detected tools, the pillar scores, and a stable hash for sharing. PII fields like email addresses on the audited domain are not retained.

Retention and sharing

Audit results are retained indefinitely so the score history chart works across re-audits. Shared audit links use a 12-character hash and remain accessible until manually removed by an admin.