This policy applies to all users of AdGateScore and complies with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is AdGateScore, operated by Salima Pradhan. For any privacy-related enquiries, contact us at [email protected].

2. What Data We Collect and Why

Usage & analytics data

What: Pages visited, browser type, device type, approximate location (country/region), time on site.

Why: To understand how the Service is used and improve it.

Legal basis (GDPR Art. 6): Legitimate interests (Art. 6(1)(f)) — improving the Service; or Consent (Art. 6(1)(a)) where required.

Collected by: Google Analytics (anonymised IP addresses).

Scan data

What: URL submitted, pages crawled, performance metrics, resulting scores and recommendations.

Why: To provide the core scanning service and display results.

Legal basis (GDPR Art. 6): Contract performance (Art. 6(1)(b)) — providing the service you requested.

Collected by: Stored in our TiDB database. URLs are also sent to Google PageSpeed Insights API for performance analysis.

Account & billing data

What: Email address, name (via Clerk authentication), Stripe customer ID, subscription plan.

Why: To manage your account, process payments, and deliver premium features.

Legal basis (GDPR Art. 6): Contract performance (Art. 6(1)(b)) — fulfilling your subscription; Consent (Art. 6(1)(a)) for optional email notifications.

Collected by: Clerk (authentication), Stripe (payments), our database.

Scheduled scan emails

What: Email address, scan results, score deltas.

Why: To send scheduled scan digests if you have enabled them.

Legal basis (GDPR Art. 6): Consent (Art. 6(1)(a)) — you explicitly enable scheduled scans.

Collected by: Sent via Gmail SMTP. You can disable at any time from your Account page.

Data stored locally on your device

What: Theme preference, color scheme, layout setting, cookie consent state.

Why: To remember your preferences between visits.

Legal basis (GDPR Art. 6): Strictly necessary — this data never leaves your device.

Collected by: Browser localStorage only. Not transmitted to our servers.

Contact form

What: Your name, email address, subject, message content.

Why: To respond to your enquiry.

Legal basis (GDPR Art. 6): Consent (Art. 6(1)(a)) — by sending us a message, you consent to us processing it to reply.

Collected by: Sent via email. Deleted within 12 months of your enquiry being resolved.

3. Cookies

We use cookies as described below. Non-essential cookies require your prior consent, which we obtain via our cookie banner.

Cookie type	Purpose	Consent required?
Strictly necessary	Theme preference, cookie consent state	No — essential for the Service
Analytics (Google Analytics)	Understand site usage, improve content	Yes — opt-in

You can withdraw consent at any time by clearing cookies in your browser. You can also opt out of Google Analytics at tools.google.com/dlpage/gaoptout.

4. International Data Transfers

Google Analytics may transfer data to the United States. These transfers are covered by Google's Standard Contractual Clauses (SCCs) approved by the European Commission under GDPR Art. 46(2)(c). Stripe processes payment data in accordance with PCI DSS standards and GDPR requirements. For details, see Google's Privacy Framework and Stripe's Privacy Policy.

5. Your Rights Under GDPR

As an EU/EEA resident you have the following rights:

Right of access (Art. 15)
Request a copy of the personal data we hold about you.

Right to rectification (Art. 16)
Request correction of inaccurate or incomplete data.

Right to erasure (Art. 17)
Request deletion of your data ("right to be forgotten").

Right to restriction (Art. 18)
Request that we limit how we process your data.

Right to portability (Art. 20)
Receive your data in a structured, machine-readable format.

Right to object (Art. 21)
Object to processing based on legitimate interests.

Right to withdraw consent
Withdraw consent at any time without affecting prior processing.

To exercise any right, email [email protected]. We will respond within 30 days (GDPR Art. 12(3)).

6. Third-Party Processors

We use the following processors, each bound by data processing agreements:

Google Analytics—Website analytics

Google PageSpeed Insights—Site performance auditing

Clerk—User authentication and account management

Stripe—Payment processing and subscription billing

TiDB Cloud—Database hosting (scan results, user data)

7. Affiliate Links

Our Network Readiness section may include links to ad network application pages. Some of these may be affiliate links. See our Affiliate Disclosure for details.

8. Data Retention

Scan results are stored for the duration of your account. Free-tier scans may be purged after 7 days. Email addresses are retained until you request removal or delete your account. Server logs are retained for up to 30 days. Contact form messages are deleted within 12 months of resolution.

9. Children's Privacy

Our Service is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy. Material changes will be announced on the site and via email to registered users. The "last updated" date at the top reflects the most recent revision.

11. Contact

AdGateScore is operated by Salima Pradhan.

Privacy enquiries: [email protected] · General contact: Contact page