Privacy Policy

Effective date: May 12, 2026

1. Overview

Auditledge ("we", "us", "our") operates auditledge.com and the Auditledge API. This policy explains what data we collect, how we use it, and your rights. By using our services you agree to the practices described here.

2. Data We Collect

  • Account data: email address and password (hashed) when you sign up.
  • Billing data: payment details are processed by Stripe. We store only the subscription status and plan identifier — never raw card numbers.
  • Audit event data: the event payloads you send to our API. This is the core product data you entrust to us.
  • Usage data: API request metadata (timestamps, response codes, key identifiers) for quota tracking and debugging.
  • Technical data: IP addresses and browser information collected automatically when you visit the site.

3. How We Use Your Data

  • Provide, maintain, and improve the Auditledge service.
  • Authenticate your account and enforce API quotas.
  • Process payments and send billing receipts.
  • Send transactional emails (password resets, plan changes). No marketing emails without explicit opt-in.
  • Investigate security incidents and abuse.

4. Data Retention

Audit events are retained for the period defined by your plan (14 days on Free, 1 year on Starter, 2 years on Growth). Account data is retained until you delete your account. You can request deletion at any time by emailing hello@auditledge.com.

5. Data Sharing

We do not sell your data. We share it only with:
  • Supabase — database and authentication infrastructure.
  • Stripe — payment processing.
  • Render — hosting and edge delivery.
  • Law enforcement, when required by applicable law and only to the extent required.
All sub-processors are contractually bound to protect your data.

6. Security

We use TLS in transit, encrypted storage at rest, and access controls that limit who on our team can access customer data. API keys are stored securely — once generated, the plaintext is never retained. Despite our efforts, no system is 100% secure. Please report vulnerabilities to hello@auditledge.com.

7. Cookies

We use a single session cookie for authentication. We do not use third-party tracking or advertising cookies.

8. Your Rights

Depending on your jurisdiction you may have the right to access, correct, port, or delete your personal data. To exercise these rights email hello@auditledge.com. We will respond within 30 days.

9. Children

Auditledge is not directed at children under 16. We do not knowingly collect data from children.

10. Changes

We may update this policy. When we do, we will update the effective date above. Continued use of the service after changes constitutes acceptance.

11. Contact

Questions about this policy? Email hello@auditledge.com.