Privacy Policies

Overview

VulnScout is an Android application for searching and tracking CVE vulnerabilities from the National Vulnerability Database (NVD). This Privacy Policy explains how the application handles information.

Data Collection

VulnScout does not collect, store, or transmit any personal data from users. Specifically:

• No account or login is required.
• No user identifiers, analytics, or tracking are used.
• No advertising SDKs are included.
• No crash reports or telemetry are sent to external services.

Data Stored on Your Device

All data generated by VulnScout is stored exclusively on your device:

• The local copy of the NVD vulnerability database (downloaded from NIST).
• Application configuration (sync frequency, API key if provided, etc.).

This data never leaves your device and is deleted when you uninstall the application.

External Network Communication

VulnScout connects exclusively to the following official endpoint:

• NVD API (NIST) — services.nvd.nist.gov — to download vulnerability data. All communication is encrypted via HTTPS.

No user data is sent in any of these requests. Only standard technical parameters (date ranges, filters) are included in API calls.

NVD API Key (Optional)

Users may optionally provide an NVD API key to increase rate limits. This key is stored locally on the device using Android's encrypted DataStore and is never transmitted to Loogical or any third party.

Permissions

• INTERNET — Required to download vulnerability data from NVD.
• RECEIVE_BOOT_COMPLETED — Required to reschedule background sync tasks after device restart.

Children's Privacy

VulnScout is a technical tool intended for adults. It does not target or knowingly collect any information from children under 13.

Changes to This Policy

If this policy is updated, the new version will be published on this page with an updated effective date.

Contact

For questions or concerns regarding privacy, contact us at info@loogical.com.