Last updated: May 5, 2026
This Privacy Policy explains how FrameLock, a product of SysINet Infosolutions LLP, collects, uses, protects, and handles information when you use framelock.in, our website security scanner, vulnerability reporting platform, forum, forms, reports, and related services. By using FrameLock, you agree to this Privacy Policy.
FrameLock is a responsible web security platform that helps website owners and ethical security researchers identify and report potential web security misconfigurations and vulnerabilities. FrameLock currently focuses on clickjacking testing and reporting. In the future, FrameLock may support additional non-destructive website security checks, including but not limited to missing HTTP security headers, SPF/DNS-related checks, information disclosure checks, and other web security misconfiguration checks.
FrameLock is owned and operated by:
SysINet Infosolutions LLP
Thane, Maharashtra, 401107
India
FrameLock acts only as a platform for ethical testing, reporting, communication, and responsible disclosure. FrameLock does not exploit vulnerabilities, bypass authentication, steal data, damage websites, disrupt services, or perform unauthorized attacks.
FrameLock is designed to minimize the collection of user-related data. We aim to collect and retain only the minimum information necessary to:
FrameLock does not sell personal information. FrameLock does not use vulnerability reports, scan data, or researcher activity for advertising purposes. FrameLock does not export personal information to advertisers, data brokers, or unrelated third parties.
Depending on how you use FrameLock, we may collect or process limited information as described below.
When you create or access an account, we may collect or process:
Authentication information is used only to verify users, protect accounts, prevent misuse, and operate the platform. Passwords should be stored securely using appropriate technical safeguards, such as hashing and other security controls.
If you are a website owner or authorized representative, we may collect or process:
If you are a security researcher, we may collect or process:
When you scan a website or submit a report, FrameLock may process:
You should not submit passwords, API keys, private tokens, confidential business data, personal data of third parties, or any information you are not authorized to share.
For security, abuse prevention, authentication, debugging, and platform operation, we may process limited technical information such as:
FrameLock does not maintain activity logs of website owners or security researchers for advertising, profiling, or commercial tracking. However, limited technical logs may be temporarily processed where necessary for authentication, platform security, debugging, fraud prevention, abuse prevention, legal compliance, or service operation.
We may use information to:
FrameLock does not use submitted reports or scan data to conduct exploitation, hacking, unauthorized access, or attacks.
FrameLock uses authentication methods such as OTP and password-based login where applicable. All connections to FrameLock are available through HTTPS only.
We use reasonable technical and organizational safeguards to protect platform access, account information, scan data, submitted reports, and communications. However, no online platform can guarantee absolute security. Users are responsible for keeping their account credentials safe and for avoiding submission of sensitive or unauthorized information.
FrameLock does not sell personal information. We may share information only in the situations described below.
If a security researcher submits a vulnerability report through FrameLock, relevant report information may be shared with the website owner or authorized representative. This may include:
We may use trusted service providers to help operate FrameLock, such as:
These providers may process limited information only as needed to provide services to FrameLock.
We may disclose information if necessary to:
FrameLock is not designed to collect sensitive personal, confidential, or private information. Please do not submit:
If evidence is required for a report, users should redact or mask sensitive information before submitting it.
FrameLock may use cookies or similar technologies to:
You can control cookies through your browser settings. Some features may not work correctly if cookies are disabled.
FrameLock retains information only for as long as necessary to operate the platform, provide services, prevent abuse, resolve disputes, comply with legal obligations, and maintain security.
Retention may vary depending on the type of information:
Users may request deletion of their personal information, subject to legal, security, anti-abuse, and operational requirements.
FrameLock does not maintain activity logs of website owners or security researchers for advertising, profiling, or commercial tracking. FrameLock may temporarily process limited technical information where necessary for:
FrameLock may process vulnerability report data to enable responsible disclosure between security researchers and website owners. Website owners are responsible for reviewing, validating, accepting, rejecting, prioritizing, and fixing reports. Security researchers are responsible for ensuring that their testing and reporting activities are lawful, ethical, non-destructive, and authorized where required.
FrameLock does not guarantee that any report is accurate, complete, valid, exploitable, accepted, rewarded, or fixed.
FrameLock may use infrastructure or service providers located in India or other countries. By using FrameLock, you understand that information may be processed and stored in locations where privacy laws may differ from those in your location. Where required, we take reasonable steps to protect such information in accordance with applicable law.
Depending on applicable law, you may have the right to:
To exercise these rights, contact us at: privacy@framelock.in
We may need to verify your identity before processing your request.
FrameLock is not intended for children. Users under 18 should not use FrameLock without appropriate consent and supervision from a parent or legal guardian. If you believe a child has provided information to FrameLock, contact us at: privacy@framelock.in
FrameLock may scan, reference, or link to third-party websites. We are not responsible for the privacy practices, security, content, or policies of third-party websites. Your use of third-party websites is governed by their own terms and privacy policies.
To protect FrameLock and others, we may monitor for misuse, including:
We may block, limit, suspend, or terminate access if we believe the platform is being misused.
If we become aware of a security incident affecting user information, we will take reasonable steps to investigate, contain, and address the incident. Where required by applicable law, we may notify affected users, authorities, or other relevant parties.
We may update this Privacy Policy from time to time. When we update it, we will change the "Last updated" date above. Your continued use of FrameLock after changes are posted means you accept the updated Privacy Policy.
For privacy questions, requests, or complaints, contact:
SysINet Infosolutions LLP
Thane, Maharashtra, 401107
India
Privacy: privacy@framelock.in
Security: security@framelock.in