Privacy Policy
Last updated: March 2026
Data controller
The data controller is Synapsea (synapsea.tech), publisher of the Scrutia service.
To exercise your rights or for any questions, contact us.
Data collected
Scrutia only collects data strictly necessary for the service:
- Email address: to send audit results and the PDF report after purchase.
- Audited website URL: to perform the accessibility audit.
- Payment data: processed exclusively by Stripe. Scrutia does not store any credit card numbers.
Purpose of processing
- Performing the requested WCAG accessibility audit
- Sending the audit report by email
- Processing payment
Your email is never used for commercial purposes, prospecting or newsletters. No data is resold to third parties.
Legal basis
Processing is based on your consent (Article 6.1.a of the GDPR), collected via the checkbox before launching the audit, and on contract performance (Article 6.1.b) for report delivery after payment.
Retention period
- Free audits: data deleted after 30 days.
- Paid audits: data retained 12 months to allow report re-download, then deleted.
- Billing data: retained 10 years in accordance with legal accounting obligations.
Subprocessors
| Subprocessor | Usage | Location |
|---|---|---|
| Supabase | Database, PDF storage | EU (Frankfurt) |
| Stripe | Payment | EU / United States (DPF certified) |
| Resend | Transactional email sending | United States (DPF certified) |
| Anthropic | AI analysis (no personal data transmitted) | United States |
| Hetzner | API server | Germany |
| Vercel | Frontend hosting | EU (Frankfurt) / United States |
No personal data (email) is transmitted to Anthropic. Only the public HTML content of the audited site is analyzed.
Your rights
In accordance with the GDPR, you have the following rights:
- Right of access: obtain a copy of your personal data.
- Right of rectification: correct inaccurate data.
- Right to erasure: request the deletion of your data.
- Right to portability: receive your data in a structured format.
- Right to object: object to the processing of your data.
- Right to withdraw consent: withdraw your consent at any time.
To exercise these rights, contact us. We respond within 30 days.
In case of dispute, you can file a complaint with the CNIL (French Data Protection Authority): www.cnil.fr (new window).
Cookies
Scrutia uses no tracking, analytics or advertising cookies. Only cookies strictly necessary for the service may be used (Stripe payment session). These cookies do not require consent under the ePrivacy Directive.