AuditCopy

Privacy Policy

// last updated: May 2026

AuditCopy is operated by Sarthak Garg (sole proprietor), trading as "AuditCopy". Sarthak Garg is the data controller for personal data processed through this service. This policy explains what data we collect, how we use it, the legal bases we rely on, and your rights.

What we collect

  • Your email address and name when you create an account
  • The URLs you submit for auditing
  • Your audit results, which are stored securely in our database
  • Your IP address (hashed) to prevent free audit abuse — this is never linked to your identity

What we do not collect

  • We do not collect or store payment card details — payments are processed entirely by Paddle, our Merchant of Record, and we never see your card information
  • We do not use cookies for tracking or advertising
  • We do not sell, rent, or share your data with advertisers or data brokers

How we use your data

  • To run your copywriting audit and store your results
  • To manage your account, credits, and purchase history
  • To send you transactional emails related to your account (e.g. purchase confirmation)
  • We do not send marketing emails without your explicit consent

Legal basis for processing

  • Contract performance — to provide the audit service you signed up for, manage your account, and deliver purchased credits
  • Legitimate interests — to secure the service, prevent abuse of free audits (via hashed IP), and improve product quality
  • Legal obligation — to retain transaction records as required by tax and accounting law
  • Consent — for any optional communications, where you have explicitly opted in

Who we share data with

We share personal data only with the following categories of recipients:

  • Paddle.com Market Limited ("Paddle") — our Merchant of Record. Paddle processes all payments, handles billing, tax compliance, invoicing, and refunds. When you make a purchase, your payment and billing information is collected and processed directly by Paddle under Paddle's Privacy Policy.
  • Supabase / AWS — our hosting and database infrastructure provider (US region)
  • AI model providers — to generate audit results from the URLs you submit
  • Authorities — where required by law

Data storage

Your data is stored securely using Supabase, hosted on AWS infrastructure. Data is stored in the US region. We take reasonable technical measures to protect your data.

Your rights

If you are based in the European Union, you have rights under GDPR including the right to access, correct, or delete your personal data. If you are based in India, you have rights under the Digital Personal Data Protection Act 2023. To exercise any of these rights, contact us using the feedback form on this website.

Data retention

We retain your audit results and account data for as long as your account is active. Anonymous audits (run without an account) expire after 48 hours. You can request deletion of your account and all associated data at any time.

Changes to this policy

We may update this policy as the product grows. Significant changes will be communicated via email if you have an account.

Contact

Use the feedback form on this website to reach us with any privacy-related questions.