Privacy Policy

Last updated: March 2026

1. Data We Collect

When you use InboxAuditHQ, we may collect the following information:

• Domain names you submit for scanning
• Email addresses if you provide them (e.g., for report delivery or account creation)
• Scan results generated by our automated DNS analysis
• Payment information processed securely by Stripe. We do not store credit card numbers, CVVs, or full card details on our servers.

2. How We Use Your Data

We use collected data to:

• Perform email authentication scans (SPF, DMARC, DKIM, MX analysis)
• Generate and deliver security reports
• Process payments for purchased reports and monitoring subscriptions
• Send scan results and purchased reports via email
• Improve our scanning accuracy and service reliability

3. Cookies and Storage

InboxAuditHQ uses sessionStorage only to temporarily hold scan results and enforce rate limiting during your browser session. We do not use:

• Advertising cookies
• Third-party tracking scripts
• Persistent cookies for analytics or profiling

Session data is automatically cleared when you close your browser tab.

4. Third-Party Services

We rely on the following third-party services to operate:

• Stripe — Payment processing. Stripe handles all payment data under their own privacy policy.
• Resend — Transactional email delivery for sending scan reports.
• Cloudflare — Hosting, CDN, and DNS infrastructure.

We do not sell or share your personal data with any other third parties.

5. Data Retention

• Scan results are stored for 90 days from the date of the scan, then automatically deleted.
• Email addresses are stored until you unsubscribe or request deletion.
• Payment records are retained as required by applicable tax and financial regulations.

6. Your Rights (GDPR)

We process data under legitimate interest for B2B communications and service delivery. Under GDPR and similar data protection laws, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Delete your personal data (right to erasure)
• Object to processing of your data
• Port your data to another service

To exercise any of these rights, email us at hello@inboxaudithq.com. We will respond within 30 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including encrypted connections (TLS), access controls, and secure infrastructure provided by Cloudflare.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be noted on this page with an updated revision date.

9. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

hello@inboxaudithq.com