Privacy & Data Use
This Privacy Policy explains how Comply Scan Pro collects, uses, and retains data to deliver accessibility compliance intelligence.
Overview
Comply Scan Pro is designed to minimize sensitive data collection. We retain operational scan data only as long as needed for auditability and customer workflows, and we separate that data from anonymized aggregates used to improve scoring and benchmarks.
Data Classes (OCD vs PID)
Customer-scoped operational data required to run scans and generate reports.
- • Scan targets, crawl scope, findings, and related telemetry
- • Reports/exports and scan configuration (e.g., WCAG level)
- • Access-controlled and isolated per customer (RLS-protected)
Anonymized aggregates used to improve scoring quality and enable benchmarks.
- • Aggregated rule prevalence and severity distributions
- • Score bands and percentiles (e.g., median, top quartile)
- • Uses hashed keys; excludes URLs, domains, page paths, HTML/content, scan IDs, user IDs, and workspace identifiers
Retention: OCD is time-limited by default. PID is long-retention anonymized aggregates used for platform improvement and benchmark calibration.
How we use data
- • Provide scans, reports, exports, and auditability features
- • Maintain reliability, security, abuse prevention, and support
- • Improve scoring and benchmarks using anonymized PID aggregates
AI training policy
Comply Scan Pro does not use customer URLs, page content, findings, or reports to train public or general-purpose AI models.
Retention
Retention defaults are documented in the Trust Center and may vary by plan or written agreement. When retention periods expire, data is deleted.
Contact
For privacy, retention, or procurement questions, request the contract exhibit via your procurement process, or contact support through your account channel.