Privacy Policy

Last updated: February 27, 2026

1. Introduction

GEOAudit ("we", "our", "us") operates the website geoaudit.dev and the GEOAudit Chrome extension (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address and, if you sign in with Google, your name and profile picture. This information is stored securely in our authentication system powered by Supabase.

2.2 Scan Data

When you use GEOAudit to analyze a URL, we fetch the publicly available content of that URL to perform our analysis. For registered users, scan results (URL, score, category breakdowns) are stored to provide scan history. We do not store the full HTML content of scanned pages.

2.3 Payment Information

Payment processing is handled by iyzico, a PCI DSS compliant payment processor. We do not store your credit card numbers, CVV, or full card details on our servers. We only store transaction references, subscription status, and billing period information necessary to manage your subscription.

2.4 Usage Data

We automatically collect certain information when you use the Service, including your IP address, browser type, pages visited, and timestamps. This data is used for analytics and service improvement.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process your transactions and manage subscriptions
  • To send you service-related communications (account verification, billing, support)
  • To monitor and analyze usage patterns and trends
  • To detect, prevent, and address technical issues or fraud
  • To comply with legal obligations

4. Data Sharing

We do not sell your personal data. We may share information with:

  • Supabase: Authentication and database hosting
  • iyzico: Payment processing
  • Railway: Application hosting
  • Legal authorities: When required by law or to protect our rights

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS/SSL), secure authentication, and row-level security on our database. However, no method of transmission over the Internet is 100% secure.

6. Data Retention

We retain your account data for as long as your account is active. Scan history is retained for the duration of your account. You may request deletion of your account and associated data at any time by contacting us.

7. Cookies

We use essential cookies for authentication and session management. These cookies are necessary for the Service to function and cannot be disabled. We do not use third-party advertising or tracking cookies.

8. Your Rights

Under applicable data protection laws (including KVKK for Turkish residents and GDPR for EU residents), you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent at any time

To exercise any of these rights, please contact us at hello@geoaudit.dev.

9. KVKK Compliance

In accordance with the Turkish Personal Data Protection Law (KVKK, Law No. 6698), we process your personal data lawfully and transparently. Your data is processed based on your explicit consent and/or the necessity for performing the contract for the Service. You may contact us to exercise your rights under KVKK.

10. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact

If you have any questions about this Privacy Policy, please contact us at: hello@geoaudit.dev