← Back to Home

Privacy Policy

Last updated: February 14, 2026

1. Introduction

FixFirst ("we", "our", or "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our accessibility monitoring service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address (via Auth0 OAuth)
  • Profile picture (if provided by OAuth provider)
  • Account preferences and settings

2.2 Website Scan Data

When you scan a website, we collect:

  • Website URLs you submit for scanning
  • HTML content and page structure (temporarily, during scan)
  • Accessibility violations detected
  • Scan results and historical data

2.3 Payment Information

Payment processing is handled by Paddle. We do not store your credit card information. We receive only transaction confirmations and subscription status from Paddle.

2.4 Usage Data

We automatically collect:

  • IP address and browser information
  • Pages visited and features used
  • Scan frequency and patterns
  • Error logs and performance metrics

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process your scans and generate reports
  • Send you scan results and notifications
  • Process payments and manage subscriptions
  • Improve our Service and develop new features
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Third-Party Services

We use the following third-party services:

Auth0 (Authentication)

Handles user authentication and OAuth login

Paddle (Payment Processing)

Processes payments and manages subscriptions

Resend (Email Delivery)

Sends transactional emails and notifications

OpenAI (AI Processing)

Generates plain-English fix suggestions

Sentry (Error Tracking)

Monitors errors and performance issues

5. Data Retention

We retain your data for as long as your account is active. Scan results are retained indefinitely for historical tracking purposes. If you delete your account, we will delete your personal information within 30 days, except where required by law to retain it.

6. Your Rights (GDPR)

If you are in the EU, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to processing of your data
  • Restriction: Request restriction of processing

To exercise these rights, contact us at privacy@fixfirst.dev

7. Cookies

We use cookies for:

  • Authentication (session cookies)
  • Remembering your preferences
  • Analytics and performance monitoring

You can disable cookies in your browser settings, but this may affect functionality.

8. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted databases, access controls, and regular security audits. However, no method of transmission over the internet is 100% secure.

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service.

11. Contact Us

For questions about this Privacy Policy, contact us at: privacy@fixfirst.dev