No-Logs Policy — AllScanTool

No-Logs Guarantee

AllScanTool does not store, log, retain, or track any code, metadata, or scan activity. Every scan is processed in volatile memory and discarded instantly upon completion. Nothing about your scan — not the code, not the findings, not the timestamp — is ever written to disk, a database, or any log.

What We Do Not Collect

The code you paste or upload for scanning
The findings, scores, or results of any scan
Timestamps or metadata about when scans occurred
IP addresses linked to scan activity
Browser fingerprints or device identifiers
Behavioral analytics or usage patterns
Cookies beyond essential UI state
Third-party tracking of any kind

What Happens During a Scan

Step 1 — Input

Code is pasted into the browser textarea and sent via HTTPS POST to api.allscantool.com. Transmission is TLS-encrypted end to end.

Step 2 — Processing

The Cloudflare Worker receives the code and runs deterministic pattern-matching in volatile memory only. No code is written to disk at any stage.

Step 3 — Response

Findings are returned as a JSON response — severity, label, plain-English explanation, and fix suggestion. The scan ID is generated client-side and never transmitted to our infrastructure as a linked record.

Step 4 — Disposal

All scan data is discarded immediately after the response is sent. The Worker's execution context is terminated. Nothing is retained in memory or storage after the response completes.

What We Do Collect (Minimum Required)

Operational uptime metrics — api.allscantool.com response status only — no code content
Error counts and Worker health signals — no user data attached
Email address and account start date — Pro tier accounts only — when billing is active January 2027

Operational metrics never contain code content, scan results, or any user-identifiable data from scanning activity. They exist solely to confirm the service is running.

Architecture That Makes This Possible

Infrastructure

Cloudflare Workers — stateless edge functions — no persistent server state — no database bindings

Storage bindings

None — no KV, no R2, no Durable Objects, no D1 — zero storage APIs active

Logging

Cloudflare Worker logging is disabled for scan requests — no code content is written to any log

Analytics

No Google Analytics, no Mixpanel, no Amplitude, no third-party tracking of any kind

Memory model

Each Worker invocation is isolated — memory is cleared after each request — no cross-request state

Enterprise Trust Trio

No-Logs Guarantee

No code, no metadata, no scan activity is stored, logged, or retained at any point.

Zero-Trust Architecture

Every scan is treated as an isolated, untrusted event. No session state. No retained context.

Deterministic Engine

No AI. No generative text. No model training on user code. Same input always produces the same output.

Verification

Independent confirmation

The Worker source code and binding configuration are available for review by enterprise procurement teams upon request to admin@allscantool.com

Uptime monitoring

Public status page — https://stats.uptimerobot.com/BYcJPzBDsQ — confirms service availability without exposing scan data

Security brief

Full Security Architecture Brief available at allscantool.com/security-brief

Policy Details

Operator

Lexicon Media Holdings LLC

Effective date

Effective from public launch — January 1, 2027

Last updated

May 29, 2026

Contact

admin@allscantool.com