Free scan terms

1. About these terms

These Terms govern the use of Auditto's "Free scan" feature. By ticking the consent checkbox in the scan form, you fully agree to everything described here. If you disagree with any of it, do not run the free scan — pick a paid plan (Starter, Pro, Agency) instead, where no public-display or mandatory-badge condition applies.

2. What we collect

• The URL of the site you want to scan.
• Your email (so we can send you the report link).
• Your IP address and user-agent at consent time (anti-fraud control).
• The full scan result: site network requests, cookies set, extracted privacy policy, classifications and action plan.

We do not collect data from visitors to your site, content from internal forms, logged-in content or any end-user information.

3. Public display of the result

By consenting, you authorise Auditto to:

• Publish the report at auditto.pro/en/r/<id>, accessible to anyone with the link.
• Use the result (origin, score, finding count, categories) as a case study on our site, blog, social channels and sales materials.
• Re-use the aggregated findings in anonymised form for market analysis (e.g. "X% of sites load Google Fonts before consent").

Your email, IP and user-agent never appear in the public report or in any commercial material.

4. Mandatory Auditto badge

To keep the free scan active, you must embed the Auditto badge in the footer of the scanned site within 7 days of receiving the report. The badge is an <img> served from api.auditto.pro that links back to your public report.

We verify the badge daily. Non-compliance policy:

• Badge missing for 7 days: warning email.
• Badge missing for 14 days: scan suspended, report unpublished, no new free scans until reinstated.
• Cloaking attempt (showing the badge only to our crawler): immediate violation, account flagged.

If you don't want the badge, pick a paid plan (Starter US$ 7/mo, no badge, no public display).

5. Free scan limits

• 1 scan per domain every 30 days.
• 3 scans per email every 30 days (any domain).
• 5 scans per IP every 24h (anti-abuse).
• Run time: up to 4 minutes. Very slow sites may time out.

Auditto does not run automatic scans of your site. Every scan is launched manually by the account holder — except on paid plans, where customers can schedule a recurring cadence. When you claim your domain on a paid plan, only your account can launch scans for that domain.

6. Cancellation and deletion rights

You can at any time:

• Request consent withdrawal: we switch your report to "private" within 72h.
• Request full deletion: we erase the report, your email and logs within 30 days (GDPR Art. 17).
• Request a copy of your data (GDPR Art. 15).

Contact: dpo@auditto.pro

7. Retention

Reports are stored for 180 days. After that, reports without an active badge are auto-deleted. Reports with an active badge are renewed by the badge's presence.

8. Limitations

Auditto is a technical compliance detection tool. We are not a law firm and we do not replace your Data Protection Officer (DPO) or specialised legal counsel. The report provides actionable technical evidence, but final legal decisions depend on context-specific analysis by a qualified professional.

Our scan can produce false positives (e.g. flagging as a "tracker" a CDN you only use to serve internal assets) and false negatives (e.g. trackers loaded conditionally that don't appear in the scanned session).

9. Changes to these terms

We may update these Terms at any time. Material changes will be communicated by email (if you've provided one) and marked with a new "Last updated" date at the top. Continuing to use the scan after a change indicates acceptance of the updated terms.

10. Governing law

These Terms are governed by the General Data Protection Regulation (Regulation (EU) 2016/679) and the consumer-protection law of the user's residence. EU residents: jurisdiction of your member state. UK residents: courts of England and Wales. California residents: California state courts under the CCPA framework.

11. Contact

Auditto · a SysWP family brand.
Data Protection Officer (DPO): dpo@auditto.pro
Support: ola@auditto.pro