Privacy
What we store. The store URL you submit, the product page URLs we discover or you paste, crawl results (page HTML is processed and discarded; extracted product data, check results, scores and the generated report are kept), and — if you enter it — your email address so we can send your result and report links. We do not sell user data.
Technical logs and rate limiting. We store a salted hash of your IP address to enforce the 5-scans-per-hour limit; the raw IP is never stored. Standard server logs (errors, request timing) exist on our hosting platform.
Payments. Stripe processes all payments and card data. We receive and store only payment metadata: confirmation that a checkout was paid, its session id and the email used at checkout.
Emails. We send exactly two kinds of email via Resend: your score link and your paid report link. No newsletters, no marketing sequences. Entering your email is consent to receive those links.
Cookies and tracking. The app itself sets no tracking cookies and runs no analytics scripts. Stripe's checkout page (an external site) applies its own cookie policy.
Third-party processors. Supabase (database hosting), Stripe (payments), Resend (email), Vercel (application hosting and logs), and optionally Anthropic (generating the AI-extraction panels and description rewrites in paid reports — page text of your public product pages is sent for that purpose only).
Report links. Scan result pages are public to anyone who has the link. Paid fix reports are private behind a random access token; treat the report link like a password.
Deletion. Reply to any email CatalogReady has sent you (or use the contact on your receipt) and ask — we'll delete the audit, the report and your address.