1. What data we collect
When you use Zapheron, we collect the following information:
- Email address — when you create an account or voluntarily submit it after a scan.
- URLs you scan — the website addresses you submit for analysis.
- Scan results — the scores, check outcomes, and fix recommendations generated for each URL.
- Account credentials — your email and hashed password, managed securely by Supabase Auth.
- Subscription information — your plan (Free, Pro, or Agency) and billing status.
2. Why we collect it
We collect this data solely to provide the Zapheron service:
- To run AI visibility scans and return results to you.
- To associate your scans with your account so you can revisit them.
- To manage your subscription and grant access to paid features.
- To contact you about your account if you opt in.
We do not use your data for advertising, profiling, or sale to third parties.
3. How we store it
Your data is stored in Supabase, a GDPR-compliant cloud database platform hosted on AWS infrastructure in the EU. Data is encrypted at rest and in transit. We apply row-level security policies so each user can only access their own data.
Passwords are never stored in plain text — Supabase Auth handles all credential management using industry-standard bcrypt hashing.
4. Who we share it with
We share your data only with the following third-party processor, and only to the extent necessary:
- Stripe — for processing subscription payments. Stripe receives your email address and payment details. We never see or store your card number. Stripe's privacy policy is available at stripe.com/privacy.
We do not sell, rent, or share your personal data with any other third party.
5. Your rights under GDPR
If you are located in the European Economic Area, you have the following rights:
- Access — request a copy of the personal data we hold about you.
- Correction — ask us to correct inaccurate or incomplete data.
- Deletion — request that we delete your account and all associated data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests.
To exercise any of these rights, email us at privacy@zapheron.ai. We will respond within 30 days.
6. Cookies
Zapheron uses only functional cookies necessary to keep you logged in (authentication session cookies set by Supabase). We do not use tracking cookies, analytics cookies, or advertising cookies.
7. Data retention
We retain your data for as long as your account is active. If you delete your account, we remove your personal data within 30 days. Anonymised scan statistics may be retained for service improvement.
8. Contact
For any privacy-related questions or requests, contact us at: