🛡️ CookieGuard← Back to Home

Privacy Policy

Last updated: February 2026

1. Who We Are

CookieGuard is a cookie compliance software-as-a-service (SaaS) platform that helps website owners understand and comply with cookie and privacy regulations including GDPR, CCPA, and ePrivacy. Our service is operated from Israel.

Contact: support@wba.agency

2. What Data We Collect

We collect the following categories of personal data:

  • Account Information: Name, email address, and password (hashed) when you register for an account.
  • Website URLs: The URLs you submit for scanning.
  • Scan Results: The cookies, trackers, and compliance data detected on your scanned websites.
  • Payment Information: Billing details processed securely via Stripe. We do not store your full credit card number on our servers.
  • Usage Data: Pages visited, features used, and general interaction patterns to improve our service.

3. How We Use Your Data

  • Provide the Service: Perform website scans, generate compliance reports, and deliver consent banner functionality.
  • Improve Our Scans: Analyze aggregated scan data to improve detection accuracy and expand our cookie database.
  • Billing: Process payments and manage your subscription.
  • Communication: Send transactional emails (scan results, account updates) and, with your consent, product updates.

4. Cookies We Use

Yes, even a cookie compliance tool uses cookies — but only the essentials:

  • Session Cookies: To maintain your authenticated session.
  • Authentication Cookies: Managed via Supabase Auth to securely identify you.

We do not use analytics or marketing cookies on our own platform.

5. Third-Party Services

We use the following third-party services to operate CookieGuard:

  • Supabase: Authentication and database hosting (EU-hosted).
  • Stripe: Payment processing. Subject to Stripe's Privacy Policy.
  • Vercel: Application hosting and deployment.
  • Resend: Transactional email delivery.

6. Data Retention

Scan results and account data are retained for the lifetime of your account. When you delete your account, all associated data — including scan results, reports, and personal information — is permanently deleted within 30 days. Backups are purged within 90 days.

7. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your data ("right to be forgotten").
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing of your data for specific purposes.
  • Right to Restrict Processing: Request limitation of processing in certain circumstances.

To exercise any of these rights, contact us at dpo@wba.agency. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), encrypted storage, and access controls. However, no method of transmission over the internet is 100% secure.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@wba.agency