digital-delight.ch Free AI Search Audit

Privacy Policy

How we handle the data you submit to the free AI audit.

Effective 2026-05-18 · plain-English version below the legal one is missing on purpose — the legal version is already plain English.

Who collects the data

Digital Delight (Basel, Switzerland), the agency operating the lead-magnet tool on audit.digital-delight.ch. Contact for any privacy question: info@digital-delight.ch.

What we collect

  • From the form: URL of the site you want audited, your work email, first name, phone (optional), preferred AI engine.
  • From your request: IP address, browser user-agent, country (resolved by Cloudflare), referrer, UTM parameters in the URL.
  • From the audit run: the public response of the URL you submitted (HTML, headers, robots.txt, sitemap, schema markup). Stored only for benchmarking.

We do not collect cookies for tracking or analytics. Cloudflare sets one functional security cookie (__cf_bm); it is not used for advertising and expires after 30 minutes.

Why we collect it

  • Email you the audit report — that is the whole point of the form, and the consent you ticked covers it.
  • Follow up with a short sequence of emails offering to walk you through the report or pitch a paid engagement. One-click unsubscribe in every email.
  • Benchmark sites we audit — aggregated, anonymous statistics that never identify you in any external report.
  • Operational — replying to questions, fixing bugs, debugging deliverability.

Who we share it with

We use the following processors to actually run the service. Each one is contractually bound to keep your data confidential:

  • Cloudflare, Inc. (US) — hosting and CDN for audit.digital-delight.ch.
  • Resend, Inc. (US, EU sending region) — email delivery (the report and follow-ups).
  • Supabase, Inc. (US) — database where your lead row lives.
  • Hetzner Online GmbH (Germany) — the VPS that runs the audit scanner.
  • Auriti Labs GEO Optimizer (MIT, self-hosted on the Hetzner VPS) — the open-source scanner we use to grade the URL.

We do not sell your contact data. We do not pass it to advertising networks. We do not enrich it with third-party data brokers.

How long we keep it

  • Lead row (name, email, phone, URL, score): 24 months, then deleted.
  • Audit report (the JSON the scanner returned): 6 months, then deleted.
  • Server logs (Cloudflare, Hetzner, n8n): 30 days, rolled over automatically.
  • Email delivery records in Resend: 30 days per their default policy.

If you ask us to delete earlier, we do it within 7 business days.

Your rights

Under the Swiss FADP and the GDPR (we treat all users to the same standard regardless of region):

  • Access — what we hold on you.
  • Correction — fix anything that is wrong.
  • Deletion — remove everything.
  • Restriction — pause processing while we sort something out.
  • Portability — get a JSON copy you can take elsewhere.
  • Withdraw consent — unsubscribe link in every email, or send us a one-line request.

One email gets all of these done: info@digital-delight.ch.

Security

Transport encryption (HTTPS) end-to-end. Database access is gated by a server-side secret never exposed to the browser. The audit scanner is firewalled and only reachable from the agency's own n8n instance. We do not store payment data — there is none to steal because the tool is free.

Changes to this policy

If we change anything material, we update the effective date at the top and email anyone with an active lead row in our database. Cosmetic edits (typos, formatting) do not trigger a notice.

Looking for the EN/DE toggle? Top-right of every page. Looking for our main agency's privacy policy? digital-delight.ch/datenschutz.