Privacy Policy

Last updated: 13 May 2026

1. What we collect

When you purchase or use GoodToDeploy, we collect:

• Your email address (for payment confirmation and report delivery)
• The URLs you submit for audit
• Your stack description (optional, provided during intake)
• Payment information (processed by Dodo Payments — we never see your card details)

2. How we use it

We use your information only to: deliver your audit report, send service-related emails (confirmation, report ready), communicate about your order if you contact us, and improve our service (anonymised aggregate data only).

3. Data storage and retention

Your data is stored in Supabase (EU region). We retain audit data for as long as your account is active, plus 12 months after your last interaction. You can request deletion at any time by emailing isit@goodtodeploy.com.

4. Third-party services

We use the following third-party services to run GoodToDeploy:

• Supabase — database and authentication
• Dodo Payments — payment processing
• Resend — email delivery
• DeepSeek — AI analysis of audit results
• Vercel — hosting and deployment

Each service acts as a data processor under our instructions. We ensure they provide adequate data protection safeguards.

5. Your rights

Depending on your jurisdiction, you may have the right to: access the personal data we hold about you, request correction or deletion, object to or restrict processing, and data portability. To exercise these rights, email isit@goodtodeploy.com.

6. Cookies

GoodToDeploy uses minimal cookies required for session management and payment processing. We do not use tracking cookies, analytics cookies, or third-party marketing cookies. The admin area uses a session cookie for authentication.

7. Changes to this policy

If we make material changes, we will notify you by email. Continued use after changes take effect constitutes acceptance of the updated policy.

8. Contact

For privacy-related inquiries: isit@goodtodeploy.com