AuditYourStore — Free AI eCommerce Audit Tool

Privacy Policy

Last updated: March 8, 2026

1. Who We Are

AuditYourStore is operated by MDigital (mantasdigital.com). Our contact email is [email protected]. We are the data controller for information collected through ai.audityourstore.com.

2. Data We Collect

  • Account data — email address provided when you sign in or purchase credits.
  • Audit data — the store URLs you submit for auditing and the resulting reports.
  • Payment data — processed securely by Stripe. We store your Stripe customer ID but never your card details.
  • Usage data — pages visited, features used, and browser/device type for improving our service.
  • Cookies — see our Cookie Policy for details.

3. How We Use Your Data

  • To provide, maintain, and improve our audit services.
  • To process payments and manage your account and credits.
  • To send transactional emails (magic links, audit results, receipts).
  • To send marketing emails only if you have explicitly opted in.
  • To detect abuse and enforce our terms.

4. Legal Basis (GDPR)

  • Contract — processing your audit requests and credit purchases.
  • Consent — marketing emails and non-essential cookies. You can withdraw consent at any time.
  • Legitimate interest — improving our service, preventing fraud, and sending transactional emails.

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — payment processing.
  • Anthropic (Claude AI) — AI-powered audit analysis. Only the publicly accessible store content is sent; no personal data.
  • Hosting providers — our servers are hosted in the EU (Hetzner, Germany).

6. Data Retention

We retain your account data for as long as your account is active. Audit reports are kept indefinitely for your reference. You can request deletion of your account and all associated data at any time by emailing [email protected].

7. Your Rights

Under GDPR you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion of your data ("right to be forgotten").
  • Portability — receive your data in a machine-readable format.
  • Object — object to processing based on legitimate interest.
  • Withdraw consent — for marketing emails via unsubscribe links or Email Preferences; for cookies via the cookie consent banner.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

8. Security

We use industry-standard security measures including HTTPS encryption, httpOnly session cookies, database access controls, and secure payment processing via Stripe. No system is 100% secure, but we take reasonable steps to protect your data.

9. Children

Our service is not directed at children under 16. We do not knowingly collect personal data from children.

10. Changes

We may update this policy from time to time. Material changes will be communicated via email or a notice on the site. The "Last updated" date at the top reflects the most recent revision.

11. Contact

For privacy-related questions or requests, contact us at [email protected].