AnalyticsProof

Terms of Service & Privacy Policy

Last Updated: 2026-02-13

1. Acceptance of Terms

By accessing or using the AnalyticsProof platform ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree, you may not use the Service.

2. Service Provider

The Service is operated by:

Dataras s.r.o.
IČO: 19362731
Roháčova 145/14, Žižkov (Praha 3), 130 00 Praha
Czech Republic
Email: info@analyticsproof.com

3. Description of Service

AnalyticsProof provides automated compliance and analytics testing across three platforms:

  • Web: Web Compliance Scan (CMP validation, cookie consent, vendor audit) and Web DataLayer Scan (diff-based DataLayer integrity monitoring)
  • Mobile: Mobile Compliance Scan (GDPR consent testing for iOS/Android) and Mobile Analytics Scan (proxy-based analytics validation)
  • TV: HbbTV Compliance Scan (consent and tracking compliance) and HbbTV Analytics Scan (analytics integrity monitoring)

Services are organized on a project-based model. Each project can contain multiple scan targets and team members.

4. Subscription Plans and Pricing

The Service is available in the following tiers:

  • Free (€0/month): Web Compliance Scan, 1 scan per month, 1-month results storage, 1 project
  • Starter (€49/month): Web Compliance + DataLayer scans, daily automated scans, permanent storage, email and Slack notifications
  • Professional (€149/month): All 6 scan types across Web, Mobile, and HbbTV platforms, daily automated scans, priority support
  • Enterprise (custom pricing): Unlimited scans, API access, CI/CD integration, invoice-based billing, SLA guarantee, dedicated support

Plans are billed per project. Annual billing is available with a 20% discount. All prices are in EUR and exclude applicable VAT.

5. Payments and Billing

All payments are processed securely through Stripe. Subscriptions are billed in advance on a monthly or annual basis and renew automatically unless cancelled. We will provide at least 30 days' notice before any price changes take effect.

6. Refunds and Cancellation

We offer a 14-day money-back guarantee for new subscriptions. After this period, no refunds are issued for partial billing periods. You may cancel your subscription at any time; cancellation takes effect at the end of the current billing period. Upon cancellation, your project is downgraded to the Free tier.

7. Account Creation and Security

You may register using email/password, Google, or GitHub authentication. You are responsible for maintaining the security of your account credentials and for all activities under your account. Projects support three roles: Owner (full control), Admin (manage settings and team), and Viewer (read-only access).

8. Acceptable Use

You agree not to:

  • Scan websites or applications without proper authorization from their owner
  • Use the Service for any unlawful purpose or to violate any applicable laws
  • Attempt to reverse engineer, decompile, or disassemble any part of the Service
  • Share account credentials with unauthorized third parties
  • Interfere with or disrupt the integrity or performance of the Service
  • Use the Service to harm, exploit, or target others

9. Data Processing and Privacy

We process personal data in accordance with the General Data Protection Regulation (GDPR) and our Privacy Policy (see below). All data is stored within the European Union. Scan results are stored as structured JSON in PostgreSQL databases hosted in EU data centers.

10. Email Communications

We distinguish between the following types of email communications:

  • Transactional emails: Password resets, scan result notifications, team invitations, and invoices are necessary for service operation and are sent without separate opt-in.
  • Marketing emails for paying customers: Based on legitimate interest pursuant to § 7(3) of Czech Act No. 480/2004 Coll., we may send commercial communications related to our services to paying customers. Every marketing email includes an unsubscribe link.
  • Marketing emails for free users: Sent only with your explicit consent, given during registration via a separate checkbox. Consent is voluntary, not required for registration, and can be withdrawn at any time.

You can manage your marketing email preferences in your profile settings or via the unsubscribe link in any marketing email.

11. Intellectual Property

All content, features, functionality, trademarks, and branding of the AnalyticsProof platform are owned by Dataras s.r.o. and are protected by applicable intellectual property laws. You retain all rights to your own data and scan results generated through the Service.

12. Limitation of Liability

To the maximum extent permitted by law, Dataras s.r.o. shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from or related to your use of the Service. Compliance scan reports are informational tools and do not constitute legal advice. You should consult a qualified legal professional for compliance decisions.

13. Disclaimer of Warranties

The Service is provided "as is" and "as available" without warranties of any kind, whether express or implied. We do not guarantee that the Service will be uninterrupted, error-free, or that all compliance issues will be detected.

14. Term and Termination

These Terms remain in effect while you use the Service. Either party may terminate at any time. We reserve the right to suspend or terminate your account for violation of these Terms, with reasonable notice where possible.

15. Changes to Terms

We may modify these Terms at any time. For material changes, we will provide at least 30 days' notice via email or through the Service. Your continued use of the Service after changes take effect constitutes acceptance of the modified Terms.

16. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the Czech Republic. Any disputes shall be resolved by the competent courts in Prague, Czech Republic. In case of any discrepancy between language versions, the Czech version prevails.

Privacy Policy

1. Data Controller

The controller of your personal data is:

Dataras s.r.o.
IČO: 19362731
Roháčova 145/14, Žižkov (Praha 3), 130 00 Praha
Czech Republic
Email: privacy@analyticsproof.com

2. Information We Collect

2.1 Information You Provide

When you register and use our Service, we collect:

  • Account information: name, email address, password (hashed)
  • Authentication data: OAuth tokens from Google or GitHub (if used)
  • Payment information: processed and stored by Stripe; we do not store full card details
  • Project data: project names, scan target URLs, team member assignments
  • Communication preferences: marketing consent status

2.2 Information Collected Automatically

When you access our Service, we may automatically collect:

  • IP address and approximate location
  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website

2.3 Scan Data

When scans are executed, we collect and store:

  • Scan results (compliance scores, detected vendors, violations) as structured JSON
  • Technical metadata (scan duration, viewport settings, timestamps)
  • Target website information (URLs, detected CMP implementations)

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract performance (Art. 6(1)(b)): Account creation, service delivery, subscription management, scan execution
  • Legitimate interest (Art. 6(1)(f)): Service security, fraud prevention, analytics for service improvement, marketing communications to paying customers (§ 7(3) Czech Act No. 480/2004 Coll.)
  • Consent (Art. 6(1)(a)): Marketing communications to free users, optional analytics cookies
  • Legal obligation (Art. 6(1)(c)): Tax and accounting records, responding to legal requests

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process subscriptions and payments
  • Execute compliance scans and generate reports
  • Send transactional communications (scan results, invoices, account notifications)
  • Send marketing communications (with appropriate legal basis)
  • Respond to inquiries and provide customer support
  • Detect and prevent fraud or unauthorized access
  • Comply with legal obligations

5. Email Communications

We send the following types of email communications:

5.1 Transactional Emails

These are necessary for service operation and are sent without separate opt-in:

  • Password reset links
  • Scan result notifications
  • Team invitations
  • Invoices and payment confirmations
  • Account security notifications

5.2 Marketing Emails for Paying Customers

Based on legitimate interest pursuant to § 7(3) of Czech Act No. 480/2004 Coll., we may send commercial communications related to our services to paying customers. These include product updates, tips, and offers related to services you have purchased. Every marketing email contains an unsubscribe link.

5.3 Marketing Emails for Free Users

We send marketing emails to free users only with explicit consent, given during registration via a separate, unchecked checkbox. Consent is:

  • Voluntary — not required for registration or use of the Service
  • Specific — covers product updates, tips, and offers from AnalyticsProof
  • Revocable — can be withdrawn at any time via profile settings or unsubscribe link

5.4 How to Unsubscribe

You can opt out of marketing emails at any time by:

  • Clicking the unsubscribe link in any marketing email
  • Toggling the marketing preference in your profile settings

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Stripe: Payment processing (as data processor)
  • Hostinger: Email delivery via SMTP (as data processor)
  • Google Cloud: Scan execution infrastructure within the EU (as data processor)
  • GlitchTip: Error tracking and monitoring (as data processor)
  • Legal authorities: When required by law or to protect our rights

7. Data Storage and Security

All data is stored within the European Union:

  • PostgreSQL databases hosted in EU data centers
  • Redis caching within EU infrastructure
  • Scan results stored as structured JSON in PostgreSQL

We implement appropriate technical and organizational measures including encryption in transit (TLS), hashed passwords (Argon2), and access controls to protect your data.

8. Data Retention

  • Free plan scan results: Retained for 1 to 12 months
  • Paid plan scan results: Retained permanently while your subscription is active
  • Account data: Retained while your account is active and for a reasonable period after deletion for legal and accounting purposes
  • Payment records: Retained as required by tax and accounting laws
  • Public scan results: Retained for 1 to 12 months

9. Your Rights Under GDPR

As a data subject, you have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate personal data (Art. 16)
  • Erase your personal data ("right to be forgotten") (Art. 17)
  • Restrict processing of your personal data (Art. 18)
  • Data portability — receive your data in a machine-readable format (Art. 20)
  • Object to processing based on legitimate interest (Art. 21)
  • Withdraw consent at any time without affecting lawfulness of prior processing (Art. 7(3))

To exercise these rights, contact us at privacy@analyticsproof.com. We will respond within 30 days.

10. Cookies

We use the following cookies:

  • Session cookie: Required for authentication (essential, no consent needed)
  • Locale cookie: Stores your language preference (essential)
  • Project selection cookie: Remembers your selected project (essential)

We do not use third-party tracking cookies or advertising cookies.

11. International Transfers

Scan data and account data are processed within the European Union. Some sub-processors may process certain data outside the EU/EEA: payment data is processed by Stripe (incl. the United States) under the EU Standard Contractual Clauses. We rely on appropriate safeguards for any such transfer.

12. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide notice via email or through the Service. The date of the last update is displayed at the top of this page.

14. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. The relevant authority for our company is:

Úřad pro ochranu osobních údajů (ÚOOÚ)
Pplk. Sochora 27, 170 00 Praha 7
Czech Republic
Website: www.uoou.cz

15. Contact

For questions about this Privacy Policy or to exercise your data protection rights, contact us at:

Dataras s.r.o.
Email: privacy@analyticsproof.com
Roháčova 145/14, Žižkov (Praha 3), 130 00 Praha
Czech Republic