Privacy
We take data protection seriously and design for data minimization. This summary describes how the platform can be configured; we will finalize a policy specific to your deployment.
What we process
- Accessibility scan telemetry necessary to detect issues (e.g., element roles, attributes, computed styles)
- Optional screenshots for evidence capture
- Operational logs for security and auditability
How we handle data
- Browser‑contained processing where feasible; zero‑persistence session design
- Encryption in transit and at rest for stored artifacts
- Role‑based access controls and MFA for administrator access
Retention
- Configurable retention for evidence and reports; default to least‑necessary duration
- Administrative deletion on request, subject to legal holds
Subprocessors
No third‑party subprocessors are required for core scanning in privacy‑first mode. Optional integrations (e.g., Git, ticketing) will be listed in a deployment‑specific annex.
This page is a summary. Final, binding terms are captured in your Master Services Agreement and Data Protection Addendum.