ScanScore
Run Diagnostic →

Privacy Policy

Last updated: May 2026

Who we are

ScanScore is a trading name of Creogence Limited (Company No. 10799036), a company registered in England and Wales. Our registered office is 12 Alderton Close, Loughton, England, IG10 3HQ. When this policy refers to ‘we’, ‘us’ or ‘ScanScore’, it means Creogence Limited.

For privacy enquiries, contact us at support@scanscore.co.

What data we collect and why

When you use ScanScore, we collect:

  • Your email address: to deliver your diagnostic report and, with your consent, to send related guidance. Legal basis: contract performance and consent.
  • Your website URL: to run the diagnostic scan. Legal basis: contract performance.
  • Your business description and diagnostic inputs: to generate your report. Legal basis: contract performance.
  • Your IP address: to apply rate limiting on the free tier and prevent abuse. Legal basis: legitimate interests.
  • Your diagnostic results: to deliver your report and allow re-runs. Legal basis: contract performance.
  • Payment information: processed directly by Stripe. We do not store card details. Legal basis: contract performance.

How long we keep your data

Free diagnostic reports are retained for 7 days from the date of the scan. Standard and Premium paid diagnostic reports are retained for 365 days from the date of your scan. Report data is retained on the basis of contract performance — to deliver the diagnostic service you have paid for and to honour the included re-run entitlement within the retention window. After this period, your diagnostic report, findings, and website scan data are permanently deleted. Financial records, refund logs, and compliance audit records are retained for longer periods as required by law. Unsubscribing removes you from our marketing communications. Your email address is retained in our records for legal and operational purposes. To request complete deletion of your data, email support@scanscore.co. You can request deletion of your personal data at any time by emailing support@scanscore.co. We will process your request within 30 days.

Third parties we share data with

  • Supabase: database and storage provider. Data is stored in the EU.
  • Google (Gemini API): processes website content and business description to generate diagnostic reports. Data is processed in accordance with Google’s API data use policy.
  • Stripe: processes payments. Stripe is PCI DSS compliant.
  • Lovable: application hosting provider.

We do not sell your data to any third party.

Your rights

Under UK GDPR, you have the right to access, correct, delete, or export your personal data. You can also object to processing or withdraw consent at any time. To exercise any of these rights, email support@scanscore.co. You have the right to lodge a complaint with the Information Commissioner’s Office (ico.org.uk).

Cookies

See our Cookie Policy for details of the cookies we use.

Changes to this policy

We may update this policy from time to time. The date at the top of this page shows when it was last updated.