Privacy Policy

Last updated: 1 March 2026

1. Introduction

At OptiAudit, we understand that data privacy is critical. This Privacy Policy outlines how we collect, use, process, and protect your information when you access our website performance analysis platform. We are committed to maintaining the trust of our users by ensuring that your data is handled securely and transparently, in compliance with global privacy standards, including the GDPR and CCPA.

2. Information We Collect

We collect information necessary to provide, optimize, and secure our services. This includes:

Information You Provide

  • Target URLs: The website addresses you submit for performance analysis.
  • Account Details: Email addresses and secure password hashes when creating an account.
  • Support Communications: Information provided when contacting our support team.

Usage & Technical Data

  • Device Information: Browser type, operating system, and IP address.
  • Interaction Metrics: Application features utilized, audit frequency, and session duration.

3. How We Process Your Data

The primary purpose of data collection is the delivery and improvement of the OptiAudit platform. Specifically, we utilize your data to generate detailed Lighthouse and Chrome UX Report (CrUX) metrics, store historical performance benchmarks for your domains, and maintain the security of our infrastructure by preventing abuse of our automated analysis endpoints. We do not sell your personal data or audit histories to external marketing agencies.

4. Third-Party Infrastructure

To operate a globally distributed and highly available service, OptiAudit relies on vetted third-party infrastructure providers. We ensure these partners adhere to strict security protocols:

  • Google PageSpeed API: We transmit the target URLs you submit to Google's infrastructure to execute Lighthouse performance algorithms and retrieve real-world CrUX data.
  • Supabase: Our database and authentication layer is securely managed by Supabase, utilizing row-level security and encrypted storage.
  • Vercel: Our application edge routing and frontend hosting are provided by Vercel for high-speed content delivery.

5. Data Retention & Security

We employ enterprise-grade security measures to protect your data. All data in transit is secured via modern TLS encryption, and data at rest is housed in encrypted databases.

Retention period: For registered users, we retain historical audit data indefinitely to facilitate longitudinal performance tracking. Anonymous audit reports are persisted locally on your device via localStorage and are not tied to a centralized user identity. You may request the complete deletion of your account and associated audit history at any time.

6. Your Rights

Depending on your jurisdiction, you possess specific rights regarding your personal data, including the right to access, rectify, or erase your information. You also hold the right to object to or restrict processing, and the right to data portability.

To exercise these rights, or if you have any questions or concerns regarding our privacy practices, please contact our Data Protection Officer at privacy@optiaudit.com.