Privacy Policy

What we collect

• Account: email, name, hashed password, language preference.
• Billing (via Stripe): customer ID, last 4 digits of card, billing address. We never see full card numbers.
• Audit data: URLs you submit and the resulting score and findings.
• Usage: anonymous pageview metrics for product improvement.

How we use it

To run audits you request, generate reports, send transactional email, bill you, and improve the product. We do not sell user data and we do not share with advertisers.

Subprocessors

• Stripe - payment processing
• Amazon Web Services (SES) - transactional email
• Hetzner - server hosting (EU)
• Cloudflare - CDN, DNS, marketing site
• Google PageSpeed Insights - Core Web Vitals data (your audit URLs are sent to Google)

Your rights (GDPR)

Access, correction, deletion, portability. Email privacy@metricspot.com from your account email and we'll respond within 30 days.

Retention

Active accounts: forever. Cancelled accounts: 90 days then permanent deletion.

Cookies

Strictly necessary cookies for authentication and CSRF protection. No advertising or tracking cookies.

Browser extension

The optional MetricSpot site auditor browser extension audits websites that our servers cannot reach (geofenced, datacenter-blocked). It activates only when you explicitly retry an audit for a specific URL inside your MetricSpot account. For that one URL it reads the page HTML, the site's robots.txt and sitemap, response headers, and real load-speed metrics measured in your browser, and sends them only to app.metricspot.com to produce your audit. It does not track your browsing, read other tabs, or run in the background. Uninstalling the extension stops all of this immediately.