Privacy Policy

• Account data: name, email address, hashed password.
• Tool input data: the URLs you submit, optional configuration you provide (e.g. a free-product checkout URL for the Browser-Real tier of Pixel Audit).
• Tool output data: the report findings we generate from each scan, including detected pixel IDs, captured event names, captured parameters.
• Billing data: subscription tier, credit balance, transaction history. Card details are collected and stored by Paddle, not by us — we only receive the last four digits and the country of issue for fraud-prevention purposes.
• Usage data: IP address, user-agent, timestamps of API requests, error logs.
• Cookies and similar technology: a session cookie set by our authentication system to keep you signed in; an essential cookie set by Paddle to process the checkout flow.

• Provide and operate the Service: run the diagnostic you requested, return the report, debit credits.
• Customer support: answer your questions, troubleshoot issues.
• Billing: charge subscriptions, generate invoices (via Paddle), detect fraud.
• Security: detect abuse, enforce rate limits, log security-relevant events.
• Product improvement: aggregate, anonymised metrics to understand which features are used.
• Legal compliance: respond to lawful requests, enforce our Terms.

We rely on (a) performance of contract — to provide the Service you signed up for; (b) legitimate interests — for security, fraud prevention, and product improvement; (c) consent — where we ask for it explicitly; (d) legal obligation — where we must process data to comply with law.

• Paddle.com Market Limited — payment processing, tax handling, invoicing (Merchant of Record).
• Cloud hosting providers — to run the Service infrastructure.
• Email delivery provider — to send transactional emails (sign-up confirmation, password reset, audit completion).
• Law enforcement and regulators — only where legally required.

We do not sell your personal data and do not share it for cross-context behavioural advertising.

Our infrastructure may be located outside your country of residence. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

• Account data: until you delete your account, plus up to 90 days in encrypted backup.
• Tool output reports: 24 months, after which they are deleted.
• Billing records: retained for as long as required by tax law (typically 7 years).

Depending on your jurisdiction, you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to object to processing or withdraw consent. EU/UK users (GDPR) and California users (CCPA) have additional rights including the right to opt out of "sale" or "sharing" of personal data — we do neither. To exercise any of these rights, email support@solvir.net.

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have, please contact us and we will delete it.

We use industry-standard encryption in transit (TLS) and at rest, principle-of-least-privilege access, hashed credentials, and regular review of access logs. No system is perfectly secure — please use a strong, unique password.

We may update this Policy. Material changes will be announced via email or a Service notice. The "Last updated" date at the top reflects the latest revision.

Privacy questions, complaints, and rights requests should be sent to support@solvir.net.