Inclusiv
PricingFAQContact
-199 days until EAA deadline
Privacy Policy

Your privacy matters

We are committed to protecting your personal data and being transparent about how we use it.

Last updated: January 2025

Introduction

Inclusiv ("we," "our," or "us") operates the inclusiv.dev website and accessibility scanning service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. We are fully compliant with the General Data Protection Regulation (GDPR) and process all data within the European Union.

Data We Collect

Information You Provide

  • Email address (when requesting a report or subscribing)
  • Name and company name (when contacting us or signing up)
  • Website URLs you submit for scanning
  • Payment information (processed securely by Stripe)
  • Messages and feedback you send us

Information Collected Automatically

  • IP address and approximate location
  • Browser type and device information
  • Pages visited and actions taken on our site
  • Referral source and session duration

Website Scanning Data

When you scan a website, we access only publicly visible content. We do not access private pages, login-protected areas, or backend systems. Scan results are stored temporarily to generate your report and are automatically deleted after 30 days unless you have an active paid subscription.

How We Use Your Data

We use your information to:

  • Provide and maintain our accessibility scanning service
  • Send you scan results and accessibility reports
  • Process payments and manage subscriptions
  • Respond to your inquiries and support requests
  • Send important service updates and security notices
  • Improve our service based on usage patterns
  • Comply with legal obligations

We will never sell your personal data to third parties or use it for purposes unrelated to our service.

Data Sharing

We share your data only with:

  • Stripe: For secure payment processing (PCI DSS compliant)
  • Resend: For transactional email delivery
  • Vercel: For website hosting (EU data centers)
  • Legal authorities: When required by law or to protect our rights

All our service providers are GDPR compliant and have appropriate data processing agreements in place.

Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured format
  • Restriction: Limit how we process your data
  • Objection: Object to processing of your data
  • Withdraw consent: Withdraw consent at any time

To exercise these rights, email us at privacy@inclusiv.dev. We will respond within 30 days.

Data Retention

  • Free scan results: 30 days
  • Subscriber data: Duration of subscription + 90 days
  • Email communications: 2 years
  • Payment records: 7 years (legal requirement)
  • Analytics data: 26 months (anonymized)

You can request earlier deletion at any time by contacting us.

Security

We protect your data with:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • Strict access controls and authentication
  • EU-based data centers

Contact Us

For privacy-related inquiries:

Email: privacy@inclusiv.dev

If you believe we have not addressed your concerns satisfactorily, you have the right to lodge a complaint with your local data protection authority.