Privacy & Data Policy

Last updated: 13 June 2026

GoNinja ("GoNinja", "we", "us") provides a read-only, multi-cloud security and compliance scanning service delivered as a web application with a hosted backend. This policy explains what we collect, why, where it is stored, and how we protect it. It is written to be plain and specific — if anything is unclear, contact us at support@goninja.com.au.

The short version. We access your cloud account read-only through a role you create and control. We never receive your credentials. We store your email, the cloud account ID you scan, and the scan results — and nothing else. All of it is stored in the AWS Asia Pacific (Sydney) region. You can delete your data, and revoke our access, at any time.

1. Information we collect

Account email — when you create an account, collected via our identity provider, Amazon Cognito.
Cloud account identifier — the 12-digit AWS account ID (and, for future providers, the equivalent subscription/project ID) you choose to scan.
A unique external ID — a random value we generate to bind your scanner role to your account only.
Scan results — the security findings produced when you run a scan (for example, "an S3 bucket has no default encryption"), retained to provide history, trends and drift alerts.
Monitoring preferences — your alert email address and chosen daily scan time, if you enable continuous monitoring.
Subscription status — managed by our payment processor, Stripe. We store only whether your subscription is active; we never see or store card details.

2. What we do NOT collect or store

We never receive or store your AWS credentials, access keys, secret keys, or passwords.
We hold no ability to modify your cloud resources — access is strictly read-only.
We do not collect your browsing history or the content of any other website.
We do not store payment card numbers — all payment data is handled by Stripe.

3. How we access your cloud account

You deploy a CloudFormation template (provided in the app) that creates a read-only IAM role named CloudNinjaScanner in your own account. That role:

Trusts only the GoNinja scanning account, and only when presented with your unique external ID;
Grants the AWS managed SecurityAudit policy — read-only access for security review;
Can be deleted by you at any time, which immediately and permanently revokes our access.

This follows the AWS-recommended cross-account role pattern. Because access is role-based, you never hand us a credential, and you can see exactly what you are granting before you deploy.

4. Where your data is stored (data residency)

All GoNinja processing and storage runs in Amazon Web Services, Asia Pacific (Sydney) region — ap-southeast-2. Specifically:

Amazon DynamoDB — your account record (email, external ID, subscription status, monitoring settings) and your scan history (scores, summaries and finding details).
Amazon Cognito — authentication and your login identity.
Amazon SES — delivery of the security alert emails you enable.
AWS Lambda & API Gateway — the compute that runs scans and serves the application; scans execute in-region and results are returned over HTTPS.

Your data does not leave the Sydney region in the normal course of operating the service.

5. How we use your information

Solely to provide the service: running scans, displaying results, trends and reports, sending the alert emails you enable, and managing your subscription. We do not sell your data, and we do not use it for advertising or any purpose unrelated to providing GoNinja.

6. Data retention

Scan history is retained for up to approximately 13 months and then automatically deleted. Account and subscription records are kept while your account is active. You may request deletion of your account and all associated data at any time (see "Your rights").

7. Third-party processors

Amazon Web Services — hosting, authentication, storage and email delivery (Sydney region).
Stripe — subscription billing and payment processing.

Each processes data only to deliver its part of the service.

8. Security

Access to the service requires authentication, with optional two-factor authentication. Secrets are stored encrypted, all network traffic uses HTTPS, and access to your cloud account is read-only and bound to your unique external ID. No system is perfectly secure, but we follow least-privilege and encryption best practices throughout.

9. Your rights

You may access, correct, export or delete your personal data, and cancel your subscription, at any time. To make a request, email support@goninja.com.au from your registered address.

10. Changes to this policy

We may update this policy from time to time; material changes will be reflected by the "Last updated" date above.

11. Contact

Questions or data requests: support@goninja.com.au

← Back to GoNinja