TrustScanBack to Home

Privacy Policy

Last updated: March 2026

1. What Data We Collect

When you use TrustScan, we may collect:

  • Email address — when you sign up, log in, or provide it to download a report.
  • URLs submitted for scanning — the website addresses you ask us to scan.
  • Scan results — findings, risk scores, summaries, and report data.
  • Payment information — processed by Stripe. We do not store card details on our servers.
  • IP address — used for rate limiting and abuse prevention.
  • Usage data — anonymous analytics via Vercel Analytics (no personal identifiers).

2. Why We Collect It

  • To provide the service — scanning websites, generating reports, delivering results.
  • To send reports — emailing PDF reports and scan notifications when requested.
  • To process payments — managing subscriptions via Stripe.
  • To prevent abuse — rate limiting and blocking malicious usage.
  • To improve the service — anonymous usage analytics to understand how features are used.

3. Cookies

TrustScan uses functional cookies only. These are strictly necessary for authentication (session management via NextAuth) and payment processing (Stripe). We do not use advertising cookies, tracking pixels, or third-party marketing trackers. Vercel Analytics collects anonymous, privacy-friendly usage data without cookies.

4. Data Retention

Scan results are stored indefinitely for your account so you can access historical reports. Screenshots captured during scanning are processed in memory and discarded immediately after analysis — they are not stored. If you wish to delete all your data, contact us at hello@trustscan.com.au and we will remove your account and associated data.

5. Third Parties

We share data with the following service providers, solely to operate TrustScan:

  • Anthropic — AI processing (Claude models analyse website screenshots for dark patterns).
  • Stripe — payment processing and subscription management.
  • Resend — transactional email delivery (scan reports, authentication emails).
  • Vercel — application hosting and anonymous analytics.
  • Neon — PostgreSQL database hosting.

We do not sell, rent, or share your personal data with advertisers or data brokers.

6. Your Rights Under the Australian Privacy Act 1988

As an Australian resident, you have the right to:

  • Access — request a copy of the personal information we hold about you.
  • Correction — request correction of inaccurate or incomplete personal information.
  • Deletion — request deletion of your personal information (subject to legal obligations).
  • Complaint — lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached.

To exercise any of these rights, contact us at hello@trustscan.com.au.

7. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email to registered users. The "last updated" date at the top of this page reflects when the policy was last modified.

8. Contact

For questions about this privacy policy or your personal data, contact us at hello@trustscan.com.au.