Privacy Policy

SupaWeb Labs provides a Revenue Intelligence platform that connects technical, UX, and performance findings to business impact. The desktop application is an execution agent: it authenticates your account, verifies your subscription entitlement, scans within plan limits, and uploads the results to the web dashboard.

We do not sell personal data. We aim to store only what is required to operate the service, enforce plan limits, prevent abuse, and deliver the reporting experience.

• • Provide account access and authenticate users.
• • Verify subscription entitlements and enforce plan limits (pages/factors).
• • Run scans, generate reports, and deliver results on the web dashboard.
• • Prevent fraud, abuse, and unauthorized usage.
• • Provide customer support and troubleshoot issues.
• • Improve product reliability, performance, and user experience.

• • Contract: to provide the Services you request, including authentication, plan enforcement, scanning, and reporting.
• • Legitimate interests: to secure our Services, prevent abuse, and improve performance (balanced against your rights).
• • Consent: where required for certain cookies or marketing communications (you can withdraw anytime).
• • Legal obligation: where required to comply with applicable laws.

We may share limited data with trusted vendors that support our infrastructure, authentication, database, hosting, and payments. These providers are authorized to process data only as necessary to provide services to us under contractual safeguards.

We may also disclose information if required by law, to protect users, prevent fraud/abuse, or enforce our terms and policies.

We use modern infrastructure vendors for hosting, database/auth, and payments. Exact names may vary by region or deployment. For enterprise due diligence, request our latest Subprocessor List by emailing support@supaweblabs.com.

Enterprise add-on: a formal DPA and Subprocessor List are available on request.

• • Encryption in transit (TLS) for web/API communications.
• • Access control and least-privilege principles for internal operations.
• • Rate limiting and abuse protection for APIs.
• • Segmentation between scanning (desktop) and reporting (web) architecture.
• • Continuous monitoring and incident response procedures as the product matures.

No system is 100% secure. If you believe you found a security issue, email support@supaweblabs.com with details.

We retain account information while your account is active. Scan results may be retained to provide reporting access and historical comparisons (when enabled). We may delete or anonymize data when it is no longer necessary for the purposes described in this policy, subject to legal requirements.

You can request deletion of your account data by emailing support@supaweblabs.com.

Depending on your region and configuration, data may be processed in multiple countries. When required by applicable law, we rely on appropriate transfer mechanisms and contractual safeguards (e.g., SCCs) to protect personal data in transit and at rest.

We may use cookies and similar technologies for authentication, security, and improving user experience. For details and controls, see our Cookie Policy.

Our Services are not directed to individuals under the age of 16 (or the age required by local law). If you believe a child has provided personal data, contact support@supaweblabs.com.

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and may provide additional notice if required by law.

For privacy inquiries, rights requests, or enterprise compliance questions, email support@supaweblabs.com.

Optional enterprise add-ons (available on request): Data Processing Addendum (DPA), Subprocessor List, and security documentation suitable for procurement and investor diligence.