Privacy policy

1. Introduction

Welcome to CROtrustify. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us.

When you visit our website and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it.

2. Information We Collect

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on the Services or otherwise contacting us.

• Personal Information: Name, email address, and company website (store URL).
• Payment Data: We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by Stripe.
• Scan Data: Information about the websites you scan, including URLs, snapshots, and diagnostic data related to trust signals and CRO.

3. How We Use Your Information

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.

• To facilitate account creation and logon process.
• To send administrative information to you.
• To fulfill and manage your orders.
• To protect our Services from fraud or malicious activity.
• To respond to user inquiries/offer support to users.

4. Legal Bases for Processing

Depending on the context, we process personal data because it is necessary to perform a contract with you, comply with legal obligations, pursue legitimate business interests, or because you have given consent.

• Contract: account access, paid reports, subscriptions, and service delivery.
• Legitimate interests: fraud prevention, service security, support, and product improvement.
• Consent: optional analytics cookies and any marketing communication that requires consent.
• Legal obligation: records required for tax, accounting, or regulatory purposes.

5. Will Your Information Be Shared With Anyone?

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. This includes third-party service providers such as hosting providers (Vercel/Heroku), database providers (Prisma/Neon), and payment processors (Stripe).

6. International Transfers

Some service providers may process data outside your country of residence. Where international transfers occur, we rely on appropriate safeguards required by applicable data protection law.

7. Data Retention

We retain personal data only for as long as necessary for the purposes described in this policy, including providing the service, maintaining business records, resolving disputes, enforcing agreements, and complying with legal obligations.

8. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

9. Your Privacy Rights

In some regions, including the European Economic Area, you may have rights under applicable data protection law. These can include access, rectification, erasure, restriction, objection, data portability, withdrawal of consent where processing is based on consent, and the right to lodge a complaint with a competent supervisory authority.

10. Cookies

We use a cookie consent tool and only enable optional analytics cookies after consent. For more detail about cookie categories and controls, please review our Cookie Policy.