Politique de Confidentialité – Website Roaster

1. Information We Collect

We collect only the data necessary to operate and deliver your website roast and report.

1.1 Contact Information

• Email address (to send your roast or full report)

1.2 Website Data

• Website URL(s) you submit for analysis
• Public website content (text, layout, metadata) collected automatically by our crawler
• AI-generated analysis and persona reports related to your website

1.3 Payment Information

• Payment details (processed securely by Stripe)
• We do not store full credit card numbers or financial data on our servers.

1.4 Technical Information

• IP address, browser type, device type, and usage timestamps
• Anonymous logs for debugging and performance improvement

1.5 Communications

• Emails or messages sent to us via support or feedback channels

We do not require you to create an account. The Service functions through email delivery.

2. How We Use Information

We use your data to:

• Generate and deliver your website roast or full report via email
• Improve our AI models and website analysis accuracy
• Process payments and fulfill purchases
• Provide customer support and respond to inquiries
• Ensure compliance with applicable laws and our Terms of Service

We do not use your website content for marketing or resale.

3. Legal Basis for Processing (GDPR)

If you are located in the EU or EEA, we process your data under the following lawful bases:

• Contractual necessity – to deliver your roast or report.
• Legitimate interest – to improve the Service, ensure security, and prevent misuse.
• Consent – when you submit your website and email for analysis.
• Legal obligation – for accounting and regulatory compliance.

You may withdraw consent at any time by contacting legal@cvpkdigitalstudio.com.

4. Sharing of Information

We share data only with trusted third-party providers required to operate the Service:

We do not sell or rent personal data to advertisers or third parties.

5. Data Retention

• Email and website data are stored for up to 90 days after delivery for troubleshooting and quality assurance.
• Payment data is retained for up to 7 years for legal and accounting obligations.
• AI-generated reports may be anonymized for service improvement.

You can request early deletion at any time by emailing legal@cvpkdigitalstudio.com.

6. Data Location and Transfers

All data is stored and primarily processed in Sweden (EU).

Some processing (AI model inference or email delivery) may occur in the United States.

For transfers outside the EU/EEA, we rely on EU Standard Contractual Clauses (SCCs) to ensure adequate protection.

7. Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encrypted data transmission (HTTPS / TLS 1.3)
• Secure database access controls
• Periodic security audits
• Principle of least privilege for all internal access

No system is 100% secure, but we continuously review and update our protections.

8. Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you have the right to:

• Access the personal data we hold about you
• Request correction or deletion of your data
• Withdraw consent for processing
• Object to certain processing (e.g., marketing)
• Request a copy of your data in portable format (data portability)
• File a complaint with your local supervisory authority

Requests can be sent to legal@cvpkdigitalstudio.com.

We will respond within 30 days.

9. Cookies and Tracking

Website Roaster uses minimal, privacy-friendly analytics via Plausible.io and essential session cookies only.

We do not use advertising or tracking cookies.

10. Children's Privacy

Website Roaster is not directed at individuals under 18 years of age.

We do not knowingly collect data from minors.

11. Changes to this Policy

We may update this Privacy Policy periodically.

Material changes will be communicated via email or on our website, with an updated "Last Updated" date.

12. Contact Information