Privacy Policy — United States
Last updated: April 12, 2026
Data Controller
The data controller for Scrutia is Synapsea SAS, a company registered in France (Paris Trade Register).
Contact: contact@scrutia.io
Data We Collect
Scrutia collects only the data necessary to perform accessibility audits:
- Email address — to send your audit report and communicate about your order.
- Website URL — to perform the accessibility audit you requested.
- Payment information — processed by Stripe. Scrutia does not store your credit card number.
How We Use Your Data
- Run the WCAG 2.1 AA accessibility audit on the URL you submitted.
- Generate and deliver your audit report (PDF + online dashboard).
- Process payment for paid audit reports.
We do not sell your personal data. We do not use your email for marketing unless you explicitly opt in.
Data Retention
- Free audits: data retained for 30 days, then automatically deleted.
- Paid audits: data retained for 12 months to allow re-access to your report.
- Billing records: retained for the legally required period (generally 7 years for tax purposes).
Service Providers (Sub-processors)
We use the following third-party services to operate Scrutia:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database & authentication | United States |
| Stripe | Payment processing | United States |
| Resend | Transactional emails | United States |
| Anthropic | AI analysis engine | United States |
| Hetzner | API server hosting | Germany (EU) |
| Vercel | Website hosting & CDN | United States |
| Google LLC | Analytics (Google Analytics 4) | United States |
No personal data is shared with third parties for advertising or marketing purposes.
Cookies
- Strictly necessary cookies: used for session management and consent preferences. Cannot be disabled.
- Analytics cookies (Google Analytics 4): used to understand how visitors use the site. Set only with your consent.
We do not use advertising cookies or tracking pixels.
Your Rights Under the CCPA/CPRA (California Residents)
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information:
- Right to know: you may request that we disclose the categories and specific pieces of personal information we have collected about you.
- Right to delete: you may request that we delete your personal information, subject to certain exceptions.
- Right to correct: you may request that we correct inaccurate personal information.
- Right to opt out of sale/sharing: Scrutia does not sell or share your personal information for cross-context behavioral advertising. There is nothing to opt out of.
- Right to limit use of sensitive personal information: we do not collect sensitive personal information as defined by the CPRA.
- Right to non-discrimination: we will not discriminate against you for exercising any of your privacy rights.
Categories of personal information collected: identifiers (email address), internet activity information (website URL submitted for audit). Business purpose: performing the accessibility audit service you requested. Retention: see the Data Retention section above.
To exercise any of these rights, contact us at contact@scrutia.io. We will respond within 45 days as required by law.
Other US State Privacy Rights
Residents of Colorado, Connecticut, Virginia, Utah, and other states with consumer privacy laws may have similar rights to access, delete, and correct their personal information. We extend the same rights described in the CCPA/CPRA section above to all US residents regardless of state.
To exercise your rights, contact us at contact@scrutia.io.
Do Not Sell My Personal Information
Scrutia does not sell your personal information to third parties. We do not engage in cross-context behavioral advertising. Your data is used solely to provide the accessibility audit service you requested.
Children's Privacy
Scrutia is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at contact@scrutia.io and we will promptly delete it.
Changes to This Policy
We may update this privacy policy from time to time. Material changes will be posted on this page with an updated “Last updated” date. Your continued use of Scrutia after changes constitutes acceptance of the updated policy.
Contact
For questions about this privacy policy or to exercise your privacy rights, contact us at:
contact@scrutia.io
Synapsea SAS
Paris, France
scrutia.io