Security & Data Protection

1. Our Security Approach

Weldscanner is designed to protect inspection records captured in the field, including images and associated inspection context. We focus on practical controls that support traceability, reduce unauthorized access, and keep data available for legitimate operational needs.

This page describes our general approach. We intentionally avoid publishing sensitive implementation details that could increase security risk.

2. What Data We Protect

Depending on your usage, inspection records may include:

• Images captured or uploaded within the app
• Inspection context entered by the user (for example, weld type selections)
• Capture-time metadata associated with inspection records (for example, timestamps and device-related signals)
• Account and license information needed to authenticate users

3. Access Controls

Access to Weldscanner is restricted to authorized users. We use access controls designed to ensure that inspection records are available to permitted users and not broadly exposed. License-based access helps limit who can create and submit inspection records.

If your organization requires additional access patterns (for example, supervisors reviewing submissions), we support workflows that keep access scoped to authorized roles and teams.

4. Secure Storage and Transmission

Weldscanner uses industry-standard cloud infrastructure for storage and hosting. Data is protected using safeguards appropriate for modern web and mobile services, including secure transmission and secure storage practices.

While no system can guarantee absolute security, we take reasonable steps to reduce risk and protect inspection records from unauthorized access.

5. Safeguards Against Abuse and Misuse

Weldscanner is designed to support safeguards intended to reduce duplicate or out-of-context submissions. The platform emphasizes capture-time context and structured record creation to improve traceability and trust in submitted records.

Specific safeguards may vary by deployment and are improved over time as the platform evolves.

6. Operational Monitoring

We monitor the Service for operational reliability and security-related events. This may include logging diagnostic information to identify failures, detect abnormal activity, and maintain availability. Monitoring is used to support the integrity and performance of the Service.

7. Data Retention and Deletion

Inspection records are retained to support normal operational use, internal review, and audit workflows. Retention may depend on account configuration and business requirements. You can request assistance with deletion through our support channels.

If you need project-specific retention policies, contact us to discuss options.

8. Responsible Disclosure

If you believe you have identified a security vulnerability, please report it to us through our contact page. We review reports and aim to respond in a reasonable timeframe.

Please do not publicly disclose vulnerabilities until we have had an opportunity to investigate and address the issue.

9. Questions

For questions about security, data protection, or procurement requirements, contact us via our contact page.