Krokanti Audit
Back to Krokanti Audit

Privacy Policy

Last updated: March 16, 2026

1. Who we are

Krokanti Audit is a website analysis platform operated by Krokanti Games SL, a Spanish limited company (Sociedad Limitada). For questions about this policy, contact us at hello@krokanti.com.

2. Data controller

Krokanti Games SL is the data controller for personal data processed through Krokanti Audit, in accordance with the EU General Data Protection Regulation (GDPR) and the Spanish Organic Law on Data Protection (LOPDGDD).

3. Data we collect

We collect the minimum data necessary to provide the service:

  • Account data: Your name and email address when you sign in via Krokanti Account (SSO).
  • Audited URLs: The website URLs you submit for analysis.
  • Audit reports: Performance scores, SEO metrics, accessibility findings, and AI-generated recommendations.
  • Usage data: Page views, feature usage, and error logs — collected in aggregate, never tied to individual users.
  • Payment data: Handled entirely by Stripe. We never store your card details.

4. Legal basis (GDPR)

We process your data based on the following legal grounds:

  • Contract performance: Processing necessary to provide the audit service you requested.
  • Consent: For optional features like AI-powered analysis and email notifications.
  • Legitimate interest: To improve our service, prevent abuse, and ensure security.

5. How audit data is processed

When you submit a URL for analysis:

  • The URL is sent to Google PageSpeed Insights API for Core Web Vitals and performance metrics.
  • Our server performs additional analysis including security headers, meta tags, structured data, and accessibility checks.
  • For Pro/Team users, results may be sent to Google Gemini AI for deep analysis and recommendations.
  • All results are stored securely in our EU-hosted database (Neon Postgres) and associated with your account.

6. Third-party services

We share data with the following services to operate Krokanti Audit:

  • Stripe — processes subscription payments. See stripe.com/privacy.
  • Vercel — hosts and serves the web application.
  • Neon — hosts our database on EU servers.
  • Google PageSpeed Insights — provides performance and accessibility metrics for audited URLs.
  • Brevo — sends transactional emails.
  • Cloudflare R2 — stores screenshots and exported reports.

7. Data retention

We retain your data as long as your account is active. If you delete your account, all data is permanently deleted within 30 days.

8. Your rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access your personal data (export via Settings).
  • Correct inaccurate data.
  • Delete your account and all associated data.
  • Object to or restrict processing.
  • Port your data (reports exportable as JSON/CSV/PDF).
  • Lodge a complaint with the Spanish Data Protection Agency (AEPD).

To exercise any right, email hello@krokanti.com.

9. Cookies

We use only essential cookies required for authentication and session management. See our Cookie Policy.

10. Changes to this policy

We may update this policy from time to time. We will notify you of material changes via email or a notice in the app.

11. Contact

Questions about privacy? Email us at hello@krokanti.com.