Privacy Policy

1. Introduction

AccessibilityScanner ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website accessibility scanning service at accessibilityscanner.top ("Service").

By using our Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide Directly

Category	Data Elements	Purpose
Account Information	Name, email address, password (hashed)	Account creation and authentication
Payment Information	Billing address, payment method (processed by WayForPay)	Transaction processing
Contact Information	Name, email, phone (optional), message content	Customer support
Scan Data	URLs submitted for scanning, scan results, reports	Service delivery

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, scan history, timestamps
• Device Information: Browser type and version, operating system, screen resolution
• Network Information: IP address, approximate geolocation (country/region level)
• Cookies and Tracking: See our Cookie Policy for complete details

2.3 Information from Third Parties

• OAuth Providers: If you sign in with Google or Facebook, we receive your name, email, and profile picture
• Payment Processors: Transaction confirmation and payment status

3. How We Use Your Information

We use your information for the following purposes:

Purpose	Legal Basis
Provide and maintain the Service	Contract performance
Process payments and manage subscriptions	Contract performance
Send transactional emails (receipts, scan results)	Contract performance
Respond to support inquiries	Contract performance / Legitimate interest
Send marketing communications (with consent)	Consent
Analyze usage to improve the Service	Legitimate interest
Detect and prevent fraud or abuse	Legitimate interest / Legal obligation
Comply with legal requirements	Legal obligation

4. Third-Party Services

We use the following third-party services that may process your data:

Service	Purpose	Data Shared
WAVE API (WebAIM)	Accessibility analysis	URLs submitted for scanning
Anthropic Claude	AI-powered recommendations	Page content for analysis (Business plan)
Google Lighthouse	Performance and accessibility audits	URLs submitted for scanning
WayForPay	Payment processing	Payment and billing information
Google OAuth	Social login	Authentication tokens
Facebook OAuth	Social login	Authentication tokens

Each third-party service is governed by its own privacy policy. We encourage you to review their policies.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information.

We may share your information in the following circumstances:

• Service Providers: With vendors who assist in operating our Service (hosting, payment processing, email delivery), under contractual obligations to protect your data
• Legal Requirements: When required by law, subpoena, court order, or governmental request
• Protection of Rights: To protect our rights, property, or safety, or that of our users or the public
• Business Transfers: In connection with a merger, acquisition, bankruptcy, or sale of all or part of our assets
• With Your Consent: When you explicitly authorize us to share your information

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: All data transmitted via HTTPS/TLS encryption
• Password Security: Passwords are hashed using bcrypt algorithm
• Access Controls: Role-based access to production systems
• Monitoring: Automated security monitoring and alerts
• Backups: Regular encrypted backups with secure storage

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk.

7. Data Retention

Data Type	Retention Period
Account information	Until account deletion + 30 days
Scan results and reports	12 months from scan date
Payment records	7 years (tax compliance)
Contact form submissions	2 years
Server logs	90 days
Marketing preferences	Until withdrawal of consent

After the retention period, data is securely deleted or anonymized.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a machine-readable format
• Restriction: Request limitation of processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw previously given consent at any time

To exercise these rights, contact us at privacy@accessibilityscanner.top. We will respond within 30 days.

8.1 For EU/EEA/UK Residents (GDPR)

If you are located in the European Union, European Economic Area, or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) and UK GDPR respectively. In addition to the rights listed above:

• We will respond to your requests within one month (extendable by two months for complex requests)
• We will not charge a fee for reasonable requests, but may charge a reasonable fee for manifestly unfounded or excessive requests
• You have the right to lodge a complaint with your local supervisory authority if you believe your rights have been violated

Supervisory Authority: You may contact the data protection authority in your country of residence. A list of EU data protection authorities is available at https://edpb.europa.eu.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

9.1 Right to Know

You have the right to request disclosure of:

• Categories of personal information collected
• Specific pieces of personal information collected
• Categories of sources from which information is collected
• Purpose for collecting or selling personal information
• Categories of third parties with whom information is shared

9.2 Right to Delete

You can request deletion of your personal information, subject to certain exceptions.

9.3 Right to Opt-Out

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

9.4 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

9.5 Shine the Light

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information for such purposes.

9.6 Authorized Agent

You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.

9.7 How to Exercise Rights

Submit requests to:

• Email: privacy@accessibilityscanner.top
• Subject line: "California Privacy Request"

We will verify your identity before processing requests. Response within 45 days.

10. International Data Transfers

Our Service is operated from Ukraine. Your personal data is primarily stored and processed on servers located in Ukraine and the European Union.

However, some of our third-party service providers may process data in other countries, including the United States:

• WAVE API (WebAIM): United States — URLs submitted for scanning
• Anthropic Claude AI: United States — Page content for AI analysis (Business plan only)
• Google Services: United States/Global — OAuth authentication, Lighthouse audits

When we transfer personal data outside of Ukraine or the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with an adequacy decision
• Binding Corporate Rules where applicable

By using our Service, you acknowledge and consent to the transfer and processing of your information as described above. You may contact us at privacy@accessibilityscanner.top for more information about specific safeguards.

11. Do Not Track

Some browsers have a "Do Not Track" (DNT) feature. We currently do not respond to DNT signals because there is no industry standard for DNT. However, you can use browser settings to manage cookies and tracking.

12. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

If you believe a child has provided us with personal information, please contact us at privacy@accessibilityscanner.top.

13. Marketing Communications

With your consent, we may send you promotional emails about new features, special offers, and updates. You can opt-out at any time by:

• Clicking "Unsubscribe" in any marketing email
• Updating preferences in your account settings
• Contacting us at privacy@accessibilityscanner.top

Note: You cannot opt-out of transactional emails (receipts, security alerts, service notifications).

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending an email to your registered email address (for significant changes)
• Displaying a prominent notice on our Service

Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

We will respond to privacy-related inquiries within 30 days. For EU/EEA residents exercising GDPR rights, we will respond within the legally required timeframe.