Privacy Policy

Data Controller

AccessiShield is operated by AccessiShield, the data controller responsible for the personal information described in this policy.

If you have questions about this policy or your personal data, you may contact us at: privacy@accessishield.com.

What We Collect

When you submit the free scan form or create an account, we collect your email address and Shopify store URL. If you subscribe to a paid plan, Stripe collects your payment information directly — we never see or store your credit card details.

What We Don’t Collect

We believe in collecting the minimum information needed to provide our service. Specifically:

• No credit card numbers. Payments are handled entirely by Stripe. We never see, store, or have access to your credit card information.
• No passwords. Authentication is via magic link (a one-time sign-in link sent to your email) or Google sign-in. We do not ask you to create or remember a password.
• No phone number. We do not collect, store, or require your phone number. All communication is by email.

How We Use Your Data

We use the information you provide to perform accessibility scans on your store, send you the scan results, and (if you opt in) send occasional product updates. We will never sell your personal information.

Legal Basis for Processing

If you are located in the European Economic Area (EEA) or the United Kingdom, we process personal data under the following legal bases:

• Contract performance — to provide the accessibility scan and related services you request
• Legitimate interests — to improve our service, maintain security, and communicate about the product
• Consent — where required for optional communications such as product updates

Service Providers

We use the following third-party services to operate AccessiShield. Each processes data on our behalf and is bound by their own privacy policies:

• Stripe (payments) — processes your email address and payment information when you subscribe. We never receive or store your credit card details.
• Resend (email delivery) — delivers scan reports, sign-in links, and product notifications to your email address.
• Anthropic / Claude API (AI-powered code fix generation) — receives your store URL and scan violation data to generate accessibility code patches.
• Microsoft Azure (hosting) — hosts the AccessiShield application and stores scan data.
• Google Analytics (usage analytics) — collects anonymous usage data on our marketing pages to help us understand how visitors find and use our site.

International Data Transfers

AccessiShield is based in the United States. Information you provide may be processed and stored on servers located in the United States or other jurisdictions where our service providers operate.

By submitting information through our website, you acknowledge that your information may be transferred outside your country of residence.

Cookies and Site Functionality

Our website uses the following cookies:

• ExternalOAuth — temporary, HttpOnly cookie used during Google sign-in. Deleted automatically after authentication completes.
• access_token — short-lived HttpOnly cookie (5-minute expiry) used to transfer your sign-in session. Deleted after your dashboard loads.
• .AspNetCore.Antiforgery.* — automatic CSRF protection cookie set by our web framework. Essential for security.
• _ga, _gjs — Google Analytics cookies that help us understand how visitors find and use our marketing pages. These are only set if you accept cookies via the consent banner. If you decline, Google Analytics runs in cookieless mode.

We do not use cookies for advertising, cross-site tracking, or retargeting. You can change your cookie preference at any time by clearing your browser’s local storage for this site.

Data Retention

We retain personal information for as long as necessary to provide the service you request and maintain our business relationship. If you request deletion or close your account, we will delete or anonymize your personal data within a reasonable timeframe unless retention is required for legal or operational purposes.

Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate information
• Request deletion of your personal data
• Restrict or object to certain processing activities
• Request a copy of your data in a portable format

To exercise any of these rights, contact us at privacy@accessishield.com.

Contact

For privacy-related inquiries, email us at privacy@accessishield.com.