Privacy Policy

This Privacy Policy explains how [Legal Entity Name] (“AccessLumens,” “we,” “us”) handles information in connection with the AccessLumens website and accessibility scanning service (the “Service”). By using the Service you agree to the practices described here.

Information we collect

We aim to collect as little as possible. We collect:

• Scan inputs — the website URL you submit and the scan options you choose (single page or crawl, whether Keyboard & Experience Analysis is enabled).
• Scan results — accessibility findings, scores, and supporting evidence (such as element selectors, HTML snippets, and screenshots of flagged elements) derived from the publicly accessible pages we evaluate.
• Contact details you provide — if you submit the in-report enquiry form, the email address, website, and budget range you enter.
• Payment information — when you unlock a report, payment is processed by our payment provider and Merchant of Record, Dodo Payments. We never receive or store your full card number; we store only a payment reference and whether the report has been unlocked.
• Limited technical data — standard server logs (such as IP address and request metadata) used for security and reliability, and a single browser localStorage entry that remembers your light/dark theme preference.

We do not intentionally collect special-category personal data, and you should not submit URLs that require authentication or expose other people’s personal data.

How we use information

• To perform scans and generate, display, and deliver your report.
• To process payments and unlock paid reports.
• To respond to enquiries you send us and provide support.
• To produce aggregate, non-identifying industry benchmarks.
• To monitor, secure, debug, and improve the Service.
• To comply with legal obligations and enforce our Terms.

Legal bases (EEA/UK)

Where the GDPR or UK GDPR applies, we process personal data on the bases of performance of a contract (delivering scans and reports you request), legitimate interests (securing and improving the Service, benchmarking in aggregate), consent (where you voluntarily submit the enquiry form), and legal obligation where applicable.

How we share information

We do not sell your personal information. We share data only with service providers that help us run the Service:

• Dodo Payments — payment processing and Merchant of Record (handles checkout, card data, and applicable taxes). See Dodo Payments’ privacy policy.
• OpenAI — generates the plain-language executive summary from aggregate scan statistics only. We do not send page HTML or personal data for this purpose. See our AI Disclosure.
• Cloud hosting & infrastructure providers — to operate our application and database.

We may also disclose information if required by law, to protect our rights or users’ safety, or in connection with a merger, acquisition, or sale of assets (with notice where required).

International transfers

Our providers may process data in countries other than yours. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses for cross-border transfers.

Data retention

We retain scan inputs and results for as long as needed to provide the Service and for a reasonable period thereafter for support, fraud prevention, and benchmarking. Payment records are retained as required by tax and accounting law. You may request deletion of your data as described below; note that anonymised, aggregate statistics that cannot identify you may be retained.

Your rights

Depending on where you live (including under the GDPR/UK GDPR and the CCPA/CPRA), you may have the right to access, correct, delete, or port your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise any of these rights, email support@accesslumens.com. We will respond within the timeframe required by applicable law. You also have the right to lodge a complaint with your local data-protection authority.

Cookies & tracking

The Service currently uses a single localStorage entry to remember your theme preference and does not use third-party advertising cookies. If we introduce analytics or other cookies in the future, we will update this policy and, where required, request your consent.

Browser extension (Journey Assistant)

The optional AccessLumens Journey Assistant browser extension lets you run accessibility checks across a real user journey on your own site, in your own browser session. It applies the following additional practices:

• Local analysis. During a journey you start, the extension reads the page’s DOM locally in your browser to run the axe-core accessibility engine. The pages you browse and their contents are not transmitted to us.
• What is sent to us. Only the resulting accessibility findings are sent to AccessLumens to build your report: rule identifiers, WCAG tags, a short element selector and HTML snippet for each issue, and the URL and title of the pages you analyze.
• No web-history collection. We do not collect or transmit your browsing history, and we do not sell any extension data to third parties. It is used only to generate your report and provide the core feature.
• You stay in control. The extension only analyzes sites during a journey you explicitly start, broad site access is requested in-context (not at install), and you can remove its access at any time from your browser’s extensions settings.

Children

The Service is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

Changes to this policy

We may update this policy from time to time. We will revise the “Last updated” date above and, for material changes, provide additional notice where appropriate.

Contact

Privacy questions or requests: support@accesslumens.com.