Privacy Policy

Last updated: July 12, 2026 · CheckMyStore.ai is a product of Northstar Flux LLC.

Short version: we collect the minimum needed to run scans and follow up when you ask us to. We don't run ad trackers, we don't sell data, and your reports are yours.

What we collect

Store URLs you submit. When you run a scan, we store the URL, the scan results (the accessibility findings), and screenshots of the public pages we checked. These form your report and, over time, your compliance record.

Your email, if you give it. If you enter your email after a scan, we store it with the store it relates to so we can follow up about your findings and monitoring options.

Basic technical data. We temporarily process IP addresses to prevent abuse of the free scanner (rate limiting). We do not use analytics trackers, advertising cookies, or fingerprinting on this site.

Payment details — handled by Stripe. Subscriptions are processed by Stripe. Your card number goes to Stripe, not to us; we receive only confirmation of payment and basic billing details (name, email, amount).

How we use it

To produce your scan reports and compliance records, to run monthly re-scans when you enable monitoring, to respond when you ask us to follow up, and to operate and improve the service. We do not sell or rent personal information to anyone.

AI processing

To write findings in plain English, scan data (the rule-engine results and a screenshot of the scanned page) is processed by Anthropic's Claude API. Anthropic does not use API data to train its models by default. The pages analyzed are publicly accessible pages of the store being scanned.

Cookies

This site does not set advertising or analytics cookies. That is why you don't see a cookie banner — there is nothing to consent to.

Who we share data with

Only the service providers needed to run the product: Stripe (payments), Anthropic (AI analysis of scan data), and our hosting provider (where the application and its data run). Each processes data only to provide their service. We may also disclose information if the law requires it.

How long we keep it

Scan reports and compliance records are kept for as long as they serve their purpose — a dated record is the point of the product. Lead emails are kept until you ask us to remove them or we conclude the conversation is over. You can request deletion of any of it at any time (see Your rights).

Your rights

Wherever you are — and specifically under the GDPR if you're in the EU/UK, or the CCPA if you're in California — you can ask us to show you the personal data we hold about you, correct it, or delete it. Email [email protected] and we'll handle it within 30 days.

Security

We use standard technical measures to protect stored data, and payment credentials never touch our systems (they go directly to Stripe). No online service can promise perfect security, but we keep the amount of personal data we hold deliberately small.

Children

This service is for businesses and is not directed at anyone under 16. We don't knowingly collect data from children.

Changes and contact

If this policy changes materially, we'll update the date at the top of this page. Questions: [email protected].