Open navigation menu
Privacy Policy
This page explains how CertScore.ai handles account information, public website scan data, limited evidence context, cookies, and the third-party infrastructure used to operate the service.
To exercise privacy rights, use the CertScore.ai privacy request form or email [email protected].
To manage or cancel a paid subscription, sign in and use the Modify plan page. Payment and subscription management is processed through Stripe.
1. Overview
This Privacy Policy describes how CertScore.ai collects, uses, stores, and retains information when you use certscore.ai and the CertScore.ai service.
2. Account And Submitted Information
We may collect information you provide directly, such as your email address, name, authentication details, submitted domains, scan settings, selected plan, and account preferences.
3. Usage And Operational Data
We may collect technical information needed to operate the service, such as authentication events, usage logs, scan status events, browser metadata, and product interaction data.
4. Website Scan Data
CertScore.ai analyzes publicly accessible website content using automated systems and rule-based checks. We may retain scan metadata, derived signals, counts, booleans, timestamps, evidence URLs, change history, and limited policy or disclosure excerpts when needed to support analysis, review, remediation, and evidence context. We do not describe the service as an archive of full websites or complete policy text bodies.
5. Third-Party Services
CertScore.ai uses third-party infrastructure and service providers, including PostgreSQL-compatible database hosting, S3-compatible object storage, AWS, Stripe for payment and subscription processing, and Gmail SMTP where applicable. These providers process data as part of hosting, job processing, storage, email delivery, payment processing, subscription management, and platform operation.
6. Payments And Subscription Records
Payment card details are handled by Stripe rather than stored directly by CertScore.ai. CertScore.ai may retain Stripe customer identifiers, subscription identifiers, plan status, invoice or checkout status, billing event metadata, and related operational records needed to provide paid plans, support cancellation, reconcile payments, prevent fraud, and maintain business records.
7. Data Retention
We retain account data, scan metadata, and related operational records for as long as needed to operate the service, subject to plan limits, retention settings, and operational needs.
8. Your Privacy Rights
Depending on where you live, you may have rights to request access to personal data, deletion, correction, portability, restriction, objection, or certain opt-outs. CertScore.ai provides a public privacy request form at certscore.ai/privacy-request and also accepts requests sent to [email protected].
9. Cookies and Tracking
CertScore.ai uses cookies and similar technologies to operate the service, maintain sessions, and understand usage. We use Google Analytics and Microsoft Clarity for website analytics and session behavior analysis. Microsoft Clarity is configured with strict masking to avoid intentionally collecting sensitive form inputs or private report content.
10. Security
We use reasonable technical and operational measures to protect account and scan data, but no system can guarantee absolute security.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be reflected on this page with updated content.
12. Contact
If you have privacy-related questions, email [email protected] or use the privacy request form linked from this policy and the site footer.