Legal
Privacy Policy
Last updated
Summary
ScanAble is a self-serve accessibility auditing service. We collect the minimum data needed to run scans, deliver the paid PDF report, and bill subscribers. We do not sell your data.
Data we collect
- URLs you submit. The public web addresses you ask us to scan. Scan results are stored with the URL.
- Email addresses. Provided at checkout (single PDF) or sign-up (API subscription) so we can deliver the report and receipts.
- Payment metadata. Stripe processes all card data directly. We store only the Stripe customer/session IDs, the last four digits of the card brand description, and amount/currency.
- API usage records. API key ID, timestamp, and URL scanned. Used for rate limiting, metering, and abuse prevention.
- Standard request logs. IP address, user agent, and request path, retained for up to 30 days for security and debugging.
What we do not collect
- We do not store the HTML, screenshots, or DOM of pages we scan.
- We do not track your visitors or install tracking pixels on your site.
- We do not sell or share personal data with advertisers.
Why we process data
- To perform the scan you requested and deliver the report you paid for.
- To process payments and bill subscriptions (via Stripe).
- To send transactional emails (via Resend) — receipts and download links.
- To detect abuse, rate-limit API usage, and keep the service reliable.
- To meet legal tax and accounting obligations.
Sub-processors
- Vercel — hosting and serverless execution (US data center by default, EU on request).
- Neon — managed PostgreSQL for scan records and user data.
- Stripe — payment processing, invoicing, Customer Portal.
- Resend — transactional email delivery.
Retention
- Free preview scan results: retained up to 30 days.
- Paid PDF reports: retained for 30 days after purchase (download window).
- API usage records: retained for 13 months for billing reconciliation.
- Request logs: retained for up to 30 days.
Your rights (GDPR / CCPA)
You can request access to, correction of, or deletion of your personal data by emailing support@scanable.dev. We will respond within 30 days. If you are in the EU/UK, you have the right to lodge a complaint with your local data protection authority.
Cookies
ScanAble uses strictly necessary cookies for session handling on the developer dashboard, and optional analytics cookies via Google Analytics. No advertising cookies are set.
Contact
Privacy questions: support@scanable.dev.