Privacy Policy

Last updated: February 12, 2026

1. Introduction

Welcome to WebScore (“we,” “our,” or “us”). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website analysis platform.

By using WebScore, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

Name
Email address
Profile picture (if provided via OAuth)
Authentication provider information (Google, GitHub)

2.2 Website Scan Data

When you scan websites, we collect and store:

URLs of websites you submit for analysis
Screenshots of scanned pages
Performance metrics (Core Web Vitals, load times, Lighthouse scores)
SEO analysis data (meta tags, headings, structured data, schema validation)
Accessibility audit results (WCAG 2.1 compliance checks)
Security scan results (SSL certificates, security headers, DNS records, email authentication)
Best practices analysis (code quality, performance optimizations)
Domain metrics data (Domain Authority, Page Authority, spam score from Moz; Trust Flow and Citation Flow from Majestic; Domain Rating and backlinks from Ahrefs)
UI/UX audit results (visual hierarchy, button sizes, spacing, responsiveness, accessibility features)

2.3 Google Search Console Data

If you authorize GSC integration, we collect and store:

Search performance data (impressions, clicks, average position)
Search queries
Top pages and top queries from your GSC profile
We access GSC data to provide insights in your WebScore reports

2.4 Usage Data

We automatically collect:

IP address
Browser type and version
Pages visited and features used
Date and time of access
Device information

2.5 Payment Information

Payment processing is handled by our third-party payment processor (Creem.io). We do not store complete credit card numbers. We receive and store:

Subscription status and plan type
Payment history (dates and amounts)
Customer ID from payment processor

3. How We Use Your Information

We use the collected information to:

Provide and maintain our website analysis service
Process and complete website scans
Generate reports and recommendations
Manage your account and subscription
Process payments and billing
Send service-related notifications
Improve our service and develop new features
Detect and prevent fraud or abuse
Comply with legal obligations

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

All data is transmitted over HTTPS with TLS encryption
Passwords are hashed using secure algorithms
Database access is restricted and monitored
Regular security audits and updates

Scan data is retained according to your plan. You can delete your data at any time through your account settings.

5. Information Sharing

We do not sell your personal information. We may share data with:

Service Providers: Third-party services that help us operate (hosting, payment processing, analytics)
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale of assets

Third-Party Services We Use:

Creem.io - Payment processing
Google OAuth - Authentication
GitHub OAuth - Authentication
Vercel/Cloud Provider - Hosting infrastructure

6. Cookies and Tracking

We use cookies and similar technologies for:

Authentication: Session cookies to keep you logged in
Preferences: Remember your theme and settings
Security: CSRF protection tokens
Analytics — Session: Used by Repora (repora.ro) to identify each guest/visitor session and understand how users interact with our website. This cookie does not contain personally identifiable information.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of our service.

7. Your Rights

You have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate information
Deletion: Request deletion of your account and data
Portability: Export your data in a common format
Objection: Object to certain processing activities

To exercise these rights, please contact us at [email protected]

8. Data Retention

We retain your data for as long as your account is active. Scan data retention varies by plan:

Free plan: 3 days
Lifetime plan: full history (retained while your account is active)

Domain metrics data is retained according to your subscription plan and is updated with each scan.

After account deletion, we may retain anonymized data for analytics purposes.

9. Children's Privacy

WebScore is not intended for children under 13. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance of the updated policy.

12. Third-Party Data Sources

We use third-party APIs to collect domain metrics and SEO data:

Moz API: Provides Domain Authority, Page Authority, and Spam Score
Majestic API: Provides Trust Flow and Citation Flow data
Ahrefs API: Provides Domain Rating, backlinks, and referring domains data
Google Search Console API: Provides search performance and indexing data (with user authorization)

Data from these sources is subject to their respective privacy policies and terms of service. We cache this data according to your scan frequency and plan retention settings.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]