Privacy Policy

Last updated: June 14, 2026

1. Who We Are

CompliScan is an e-commerce compliance scanning service operated at compliscan.app. This policy explains how we collect, use, and protect your information when you use our Service.

2. Information We Collect

Account information: When you sign in with Google, we receive your name, email address, and profile identifier. We do not receive or store your Google password.

Store and scan data: Store URLs you submit, scan results (product listings, compliance violations, grades), and store settings (monitoring preferences, regions, regulation targets).

Subscription data: PayPal subscription identifiers and billing status. We do not store your payment card details — those are handled entirely by PayPal.

Marketplace connections: If you connect a marketplace account (e.g., Etsy), we store encrypted OAuth tokens to access your listings. These are encrypted with AES-256-GCM at rest.

Feedback: Messages you submit through the feedback form, along with your email and the page you submitted from.

Leads: Email addresses provided when exporting scan reports (CSV/PDF).

Usage data: We use standard server logs and Vercel analytics. We do not use third-party tracking scripts, advertising pixels, or cookie-based analytics.

3. How We Use Your Information

  • To provide and operate the scanning service
  • To send scan reports, monitoring alerts, and email notifications you have opted into
  • To manage your subscription and billing
  • To respond to feedback and support requests
  • To improve the Service based on aggregate usage patterns

4. What We Do NOT Do

  • We do not sell your personal data to third parties
  • We do not share your data with advertisers
  • We do not use your scan data to train AI models
  • We do not access your marketplace accounts beyond what is needed for scanning

5. Data Storage and Security

Your data is stored on Supabase-hosted PostgreSQL infrastructure with row-level security enabled. OAuth tokens for marketplace connections are encrypted with AES-256-GCM before storage. All data is transmitted over HTTPS.

6. Data Retention

  • Scan history: Retained based on your plan (Free: last 3 scans, Pro: 90 days, Business: unlimited).
  • Account data: Retained while your account is active. You may request deletion at any time.
  • Marketplace tokens: Deleted immediately when you disconnect a marketplace account.

7. Third-Party Services

We use the following third-party services to operate CompliScan:

  • Google OAuth — authentication
  • PayPal — subscription billing
  • Supabase — database hosting
  • Vercel — application hosting and deployment
  • Gmail SMTP — transactional email delivery
  • Anthropic (Claude) — AI-powered compliant listing generation (Business plan)

Each service is subject to its own privacy policy. We select services that meet reasonable security and privacy standards.

8. Cookies

CompliScan uses essential cookies only: a session cookie for authentication and a scan-tracking cookie (cs_scanned) for the anonymous free scan limit. We do not use advertising or tracking cookies.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your scan data (via CSV/PDF export)
  • Disconnect marketplace accounts at any time

To exercise any of these rights, contact us at support.compliscan@gmail.com.

10. Children's Privacy

CompliScan is not intended for use by individuals under 16 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will indicate the date of the last update at the top of this page. Continued use of the Service after changes constitutes acceptance.

12. Contact

For privacy-related questions or requests, contact us at support.compliscan@gmail.com.