Skip to main content
CompliaScan

Privacy Policy

Last updated: February 15, 2026

1. Information We Collect

Account Information: When you create an account, we collect your email address. If you sign in via a third-party provider, we receive your name and profile image as provided by that service.

Scan Data: When you use our scanning tool, we process the URL you submit and store the scan results (accessibility issues found, scores, page metadata). We do not store the content of the scanned pages.

Usage Data: We collect anonymous analytics data including pages visited, features used, and scan completion rates to improve our service.

Payment Information: Payment processing is handled entirely by Stripe. We do not store credit card numbers. We retain your Stripe customer ID and subscription status.

2. How We Use Your Information

  • Provide and maintain the scanning service
  • Send scan results and monitoring alerts to your email
  • Process payments and manage subscriptions
  • Send onboarding and product update emails (you can unsubscribe)
  • Analyze usage patterns to improve the product
  • Prevent abuse and enforce rate limits

3. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on Neon (US region). All data is encrypted in transit via TLS. API keys are stored as SHA-256 hashes — we never store your API key in plaintext after initial creation.

4. Data Sharing

We do not sell your data. We share data only with the following service providers who are necessary to operate CompliaScan:

  • Stripe — payment processing
  • Resend — transactional email delivery
  • Vercel — application hosting
  • Neon — database hosting

5. Data Retention

Scan results for anonymous (non-authenticated) users are automatically deleted after 30 days. Authenticated user data is retained for the duration of your account. You can delete your account and all associated data by contacting us.

6. Your Rights

You have the right to access, correct, or delete your personal data. You can export your scan data via the API (Pro plan and above) or request a data export by contacting us. To delete your account, email us at the address below.

7. Cookies

We use essential cookies for authentication (session tokens). We do not use third-party tracking cookies or advertising pixels. Analytics are collected server-side without client-side trackers.

8. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email to registered users. Continued use of the service after changes constitutes acceptance.

9. Contact

For privacy-related questions or data requests, contact us at privacy@compliascan.com