Terms of Service
Last updated: May 19, 2026
Summary
- Auditto is a technical verification tool, not a legal opinion. We help you find compliance gaps — your lawyer or DPO decides how to close them.
- Paid plans are monthly or annual subscriptions billed via Stripe. Cancel any time — no refund for the current period, but you keep access until period-end.
- 7-day money-back guarantee on your first paid period. Email us and we refund, no questions asked.
- You must own or have permission to scan the sites you submit. We don't tolerate scanning the competition just to embarrass them.
- Service is provided "AS IS". Our liability is capped at what you paid in the last 12 months. EU consumers retain their mandatory protections under local law.
1. Agreement to these terms
These Terms of Service ("Terms") form a legal agreement between you and Auditto, a product operated by SysWP (Brazilian sole-proprietorship, CNPJ available on request to data subjects), based in São Paulo, Brazil. By creating an account, running a paid scan, embedding our badge, or using any other part of the service at auditto.pro / auditto.syswp.com.br and their subdomains (collectively, the "Service"), you agree to these Terms.
If you don't agree, don't use the Service. If you use the Service on behalf of an organisation, you represent that you have authority to bind that organisation, and "you" means both you personally and that organisation.
2. Who can use Auditto
You must be at least 16 (EU) / 13 (US/global) to use the Service. If you're under your local age of majority you need a parent or guardian's permission. The Service is not designed for, and we will not knowingly process accounts from, children below those ages.
You must provide accurate registration information (email, name) and keep your password secret. You are responsible for everything that happens under your account, including activity you didn't personally perform but that resulted from your credentials being compromised — so use a strong, unique password and notify us immediately if you suspect unauthorised access at ola@auditto.pro.
3. What the Service does
Auditto is a technical compliance verification tool. We:
- Make public HTTP requests to the URL you submit and observe network activity, cookies set, requests to third parties, and so on.
- Locate the site's privacy policy and extract factual claims from its public text.
- Cross-reference what the policy says against what the site does, producing a list of findings and a numerical score.
- Issue a verification badge that resolves to the latest score for that origin.
- For paid plans: continuous re-scans, private reports, multi-site management, API access (per plan).
We are not a law firm. The Service does not constitute legal advice and does not certify compliance with GDPR, LGPD, CCPA, or any other regulation. A high Auditto score is evidence that your stated policy matches your observable behaviour at the moment of the scan — it does not guarantee that a Data Protection Authority will reach the same conclusion in an actual investigation. Always consult a qualified lawyer or Data Protection Officer before relying on a finding for legal decisions.
4. Free scans & the badge
The free tier lets anyone scan any publicly accessible site once per 30 days, with no account required. In exchange:
- The resulting report is public at auditto.pro/r/<id>. You consented to this when you ticked the "I accept" box.
- We may use the result as an anonymised case study on our landing or in marketing — without disclosing your contact email.
- If you embed our verification badge, you commit to keeping it in place on the audited site. We re-scan periodically and the badge updates automatically; if you remove it, it remains valid pointing to the latest report, but we may withdraw display privileges for repeat offenders.
Full free-scan-specific terms (badge SLA, public report retention, request a takedown): /en/free-scan-terms.
5. Paid plans, billing & auto-renewal
Paid plans (Starter / Pro / Agency) are billed in advance, monthly or annually, via Stripe. By starting a paid plan you authorise us to instruct Stripe to charge your selected payment method at the start of each billing period until you cancel. Prices are listed at /en#pricing and exclude any local taxes, which Stripe collects where applicable.
Annual plans are discounted (currently 12% off vs monthly) and are paid up front for 12 months. Auto-renewal at the end of the year is at the same discounted rate unless you cancel before renewal.
Early Adopter promo (first 50 Starter/Pro/Agency customers): 50% off forever, for as long as your subscription stays active and your billing details remain valid. The discount ends if your subscription lapses or is cancelled, and it is non-transferable.
We may change pricing at any time. Existing subscriptions keep their current price until the next renewal; we notify you by email at least 30 days before any price change takes effect on your account.
6. Refunds
7-day money-back guarantee: if you're not satisfied within the first 7 days of your first paid period (monthly or annual), email us at ola@auditto.pro and we refund the full amount, no questions asked.
After the 7-day window we do not refund the current period. You can cancel any time and we will not bill the next renewal. Cancellation is immediate; you keep access until the end of the period you've already paid for. EU/EEA consumers retain their statutory right of withdrawal (14 days from the start of a subscription, unless waived by performing the contract — running scans counts as performance).
7. Acceptable use
You agree NOT to:
- Submit URLs for sites you don't own, operate, or have explicit written permission to audit. Scanning a competitor's site to publicly embarrass them is a misuse of the Service.
- Attempt to access reports, accounts, or audits that don't belong to you.
- Reverse-engineer, decompile or scrape the Service beyond what a normal browser does.
- Use the Service to host, deliver, or facilitate illegal content or activity.
- Circumvent rate limits, billing systems, or our API key authentication.
- Resell access to paid tiers without an Agency plan (or written permission for resale beyond Agency capacity).
- Use automated tooling to flood the free scanner — that's why we rate-limit per IP and per email.
- Use the Service in any way that risks the security or stability of our infrastructure.
Violation may result in immediate suspension of your account without refund (subject to applicable consumer-protection law), takedown of any public reports you submitted, and referral to law enforcement where appropriate.
8. Intellectual property
The Auditto name, logo, badge designs, source code, scoring algorithm and report layout are owned by us and protected by copyright and other intellectual property rights. You get a limited, non-exclusive, non-transferable, revocable licence to use them strictly for the purposes the Service is designed for (e.g., embedding the verification badge you earned on the site you audited).
The report content about your site is yours. You can download, share or republish the textual content of reports about sites you submitted. You may not, however, alter the score, the findings list, or the badge in ways that would misrepresent the actual scan result.
You grant us a worldwide, royalty-free, non-exclusive licence to display reports of your sites publicly (free tier) or internally (paid tier), aggregate anonymised scan data for statistics and product improvement, and use anonymised case studies in our marketing.
9. Third-party services (Stripe, AI, plugin)
The Service integrates with several third parties listed in our Privacy Policy §4 (Stripe, Resend, OpenRouter/Anthropic, self-hosted Browserless, SysWP Radar). Your use of Stripe in particular is also subject to Stripe's Services Agreement. We are not responsible for the acts or omissions of these providers, but we have signed data-processing agreements with each one.
The SysAuditto WordPress plugin (free) is licensed under GPL v2 or later and governed by its own readme. Connecting the plugin to your account passes an opaque site token between your WordPress install and our API; you can revoke it at any time from /account/api-keys or by deactivating the plugin.
10. Privacy & data protection
Personal data is handled per our Privacy Policy, which is incorporated by reference into these Terms. Logged-in users can export or delete their account in one click at /account/settings (GDPR Arts. 15 + 17 / LGPD art. 18). Deleting your account also cancels any active Stripe subscription.
11. Service availability & changes
We aim for high availability but we don't promise a specific SLA on the free tier and we don't currently publish formal uptime numbers for paid tiers. We schedule maintenance outside Brazilian business hours when possible and post incidents at our status page (when published). Paid scans queued during downtime are processed automatically once service resumes — you are not billed twice.
We may add, modify, or remove features without notice. We don't intentionally remove features that materially reduce the value of a paid plan in the middle of a billing period — if we must, we notify you and offer a pro-rata refund for unused time.
12. Warranty disclaimer ("AS IS")
TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE", WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR THAT THE SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE.
We do not warrant that a high Auditto score will protect you from regulatory enforcement, fines, lawsuits, or data-subject complaints. Compliance is determined by competent authorities applying the law to your specific situation — not by an automated tool. Use Auditto as one input into your compliance programme, alongside qualified legal advice.
Mandatory consumer-protection warranties (under the EU Consumer Rights Directive, Brazilian CDC, UK Consumer Rights Act, California consumer law, etc.) are not excluded by this section and continue to apply to consumers who benefit from them.
13. Limitation of liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, OUR TOTAL AGGREGATE LIABILITY FOR ANY CLAIM ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE IS CAPPED AT THE AMOUNT YOU PAID US IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM — OR USD 100, WHICHEVER IS GREATER.
IN NO EVENT WILL WE BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, LOST PROFITS, LOST REVENUE, LOST DATA, OR REGULATORY FINES IMPOSED ON YOU BY A DATA PROTECTION AUTHORITY.
These caps don't apply to: (a) liability for gross negligence or wilful misconduct; (b) liability for death or personal injury caused by negligence (where applicable law prohibits exclusion); (c) statutory liabilities that cannot be excluded under your local consumer-protection law.
14. Termination
You may stop using the Service at any time. To delete your account, use /account/settings → "Delete account". This cancels any active Stripe subscription, removes your personal data per our Privacy Policy retention schedule, and ends your right to use the Service.
We may suspend or terminate your account immediately if you breach these Terms, if continued provision would expose us to legal risk, or if your payment fails and is not resolved within 7 days. We will refund unused pre-paid time on a pro-rata basis unless the termination is for breach.
Sections that by their nature should survive (IP, warranty disclaimer, liability cap, governing law, dispute resolution) survive termination.
15. Governing law & disputes
These Terms are governed by the laws of Brazil, without regard to its conflict-of-laws rules. The competent forum for any dispute is the courts of the comarca of São Paulo, State of São Paulo, Brazil — except that consumers may also bring proceedings in the courts of their habitual residence where mandatory consumer law permits.
EU/EEA & UK consumers retain all mandatory protections granted by the law of their habitual residence, including the right to bring proceedings before their local courts under the Brussels I Regulation (recast) or equivalent UK rules. Those rights are not waived by this section.
We encourage you to write to ola@auditto.pro first — most disputes are resolved that way without needing courts.
16. Changes to these Terms
We may update these Terms. Material changes are notified by email to active users at least 30 days before they take effect. The "Last updated" field at the top of this page always reflects the current version. Continued use after the effective date means you accept the updated Terms; if you don't, cancel your subscription and stop using the Service.
17. Miscellaneous
- Entire agreement: these Terms plus the Privacy Policy and any plan-specific addendum form the full agreement between us.
- Severability: if any provision is unenforceable, the rest stays in force.
- No waiver: our not enforcing a right once doesn't waive that right going forward.
- Assignment: you can't assign these Terms without our consent; we may assign them to an affiliate or successor in connection with a merger/acquisition.
- Force majeure: we're not liable for delays caused by events outside our reasonable control (outages at major providers, government action, natural disasters, etc.).
- Notices: legal notices to us go to ola@auditto.pro. Notices to you go to the email on your account.
18. Contact
General & commercial: ola@auditto.pro
Privacy / data rights (DPO): dpo@auditto.pro
Legal entity: SysWP (Brazilian sole-proprietorship — CNPJ disclosed on request to verified counterparts).