Last updated: February 25, 2026
SiteProof (“we”, “our”, “us”) operates getsiteproof.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy and handling your data transparently. Please read this policy carefully. By using the Service, you consent to the practices described herein. If you do not agree with this policy, please do not use the Service.
When you use SiteProof, you may provide: your email address (when requesting a scan report or creating an account), URLs of websites you submit for scanning, account credentials (when you register for a paid plan), billing information (processed securely through our payment provider. We do not store credit card numbers), and any other information you voluntarily provide through forms or communications with us.
When you access the Service, we automatically collect: your IP address (used for rate limiting, abuse prevention, and basic analytics), browser type and version, pages visited and time spent on the Service, referring website addresses, scan metadata including scan date, duration, number of violations found, and device and operating system information.
We want to be clear about what we do NOT collect: personal data from the websites you scan (we scan for accessibility violations only), passwords or authentication tokens from scanned websites, user data or customer data stored on scanned websites, and we do not conduct any form of penetration testing or security scanning.
We use collected information to: provide, operate, and maintain the Service; deliver scan results and requested reports; process transactions and send related information; prevent abuse, enforce rate limits, and maintain security; monitor and analyze usage patterns to improve the Service; communicate with you about product updates, changes, or issues (only with your consent for marketing communications); comply with legal obligations; and detect and prevent fraud or technical issues.
If you are located in the European Economic Area (EEA), our legal basis for collecting and using your information includes: your consent (e.g., when you submit your email for a report), performance of a contract (e.g., providing the scanning service you requested), legitimate interests (e.g., improving the Service, preventing abuse), and compliance with legal obligations.
Your data is stored using the following infrastructure: Supabase (hosted PostgreSQL database) for scan results and user data, Digital Ocean servers located in Sydney, Australia for application hosting, and Cloudflare for DNS, CDN, and DDoS protection.
We implement appropriate technical and organizational measures to protect your data, including: encryption in transit (TLS/SSL), access controls and authentication, regular security updates, and rate limiting and abuse prevention systems. While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
We do not sell, trade, or rent your personal information to third parties. We may share your data only in these limited circumstances: with service providers who assist in operating the platform (hosting, database, email delivery) under strict data processing agreements; if required by law, regulation, legal process, or governmental request; to protect the rights, property, or safety of SiteProof, our users, or the public; in connection with a merger, acquisition, or sale of assets (you would be notified via email or prominent notice); and with your explicit consent for any other purpose.
SiteProof currently uses only essential cookies required for the Service to function (such as session management). We do not use: advertising or retargeting cookies, third-party tracking scripts (such as Google Analytics or Facebook Pixel), or cross-site tracking of any kind. If we introduce analytics in the future, this policy will be updated and you will be notified.
Depending on your location, you may have the following rights regarding your personal data:
To exercise any of these rights, contact us at [email protected]. We will respond to all legitimate requests within 30 days. We may need to verify your identity before processing your request.
We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). Australian residents have the right to: access their personal information held by us, request correction of inaccurate information, and make a complaint about a breach of the APPs. If you believe we have breached the APPs, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
Your information may be transferred to and processed in countries other than your own. Our primary servers are in Australia, but some service providers may process data in other jurisdictions. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where applicable.
The Service is not intended for use by children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will take steps to delete that information.
We retain your data for as long as necessary to provide the Service and fulfill the purposes described in this policy. Specifically: scan results are retained for the duration of your account or 12 months for free users; email addresses and lead data are retained until you request deletion; account data is retained for the life of your account plus 30 days after closure; and billing records are retained as required by tax and accounting laws. You may request deletion of your data at any time by contacting us.
We may update this Privacy Policy from time to time. Material changes will be communicated via: a prominent notice on the Service, email notification to registered users, and an updated “Last updated” date on this page. We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the modified policy.
For privacy-related questions, concerns, or data requests, contact us at:
Email: [email protected]
SiteProof, Australia
For complaints regarding our handling of your personal information, you may also contact the Office of the Australian Information Commissioner at www.oaic.gov.au.