Privacy Policy

Last updated: April 12, 2026

The short version

We collect as little as possible. Free scans are completely anonymous. Paid accounts only require an email. We never sell your data. We don't use tracking cookies. Your scan data automatically expires after 30 days.

What We Collect

Free scans (no account)

Nothing about you. When you run a free single-page scan, we don't collect or store any information about who you are. No cookies, no IP logging, no tracking, no analytics.

We cache scan results by URL for 24 hours to speed up repeated scans of the same page. This cache contains only the URL and results, with no connection to any person.

Paid subscribers

For paid accounts, we collect:

  • Email address for account access, password resets, and sending scan notifications. That's it.
  • URLs you add for monitoring to perform the scans you requested.
  • Scan results including detected issues, so you can view your scan history and track progress.

What We Don't Collect

  • No tracking cookies or advertising identifiers
  • No third-party analytics (no Google Analytics, no Mixpanel, none)
  • No IP address logging for free users
  • No browsing behavior tracking
  • No device fingerprinting
  • No data from third-party sources

How We Use Your Data

We use subscriber data only to provide the service you paid for:

  • Email: Account access, password resets, and scan notifications (you can disable notifications in settings)
  • URLs: To perform the accessibility scans you requested
  • Scan results: To show you your scan history and generate reports

We don't use your data for advertising, profiling, or any purpose beyond operating the service.

Data Retention

  • Free scan cache: 24 hours, then automatically deleted
  • Scan results: 30 days from scan date, then automatically deleted (including associated issues and reports)
  • Account data: Retained until you cancel your account

When you cancel your subscription, we stop running new scans. Your existing scan history expires naturally over 30 days. After that period, your data is fully deleted.

Data Sharing

We don't sell your data. Ever.

We share data only with:

  • Polar.sh: Our payment processor. They handle payment information according to their privacy policy.
  • Infrastructure providers: Your data is stored on servers provided by cloud infrastructure companies. They process data according to strict data processing agreements.

We don't share your data with advertisers, data brokers, or anyone else.

Public Reports

When you create a shareable report, it generates a unique URL that anyone with the link can view. These reports contain scan results (URL, score, issues found) but do not identify you as the account holder.

You control when to create and share reports. Reports are automatically deleted when the underlying scan data expires (30 days).

Your Rights

You can:

  • Access your data: View all data we have about your account through your dashboard
  • Export your data: Download your scan history (coming soon)
  • Delete your account: Cancel your subscription and all data expires within 30 days
  • Disable notifications: Turn off scan alert emails in account settings

These rights apply whether you're in the EU (GDPR), California (CCPA), or anywhere else.

Security

We protect your data with:

  • TLS encryption for all data in transit
  • Encrypted database storage
  • Regular security updates
  • Minimal data collection (less data = less risk)

Children's Privacy

ADA Proof is not intended for use by children under 13. We don't knowingly collect data from children.

Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be announced via email to subscribers.

Contact

Privacy questions: [email protected]