Skip to content

Privacy Policy

Last updated: March 2026

Who we are

GDPR Privacy Monitor is operated by SkuBee s.r.o. We provide an independent GDPR compliance scanning tool for web agencies, professional users, and site owners.

What data we process

When you submit a URL for scanning, we process:

  • The URL you submit.
  • Technical data collected during the scan: cookies, network requests, consent-banner interactions, and page screenshots.
  • Your IP address and browser User-Agent for rate-limiting and abuse prevention.

We do not retain raw cookie values as part of stored scan evidence. Where cookie data appears in exported artifacts such as HAR files, sensitive values are masked. If you create an account, we also process your email address, authentication data, subscription status, and notification preferences to operate the service.

Lawful basis

We process scan requests, account data, monitoring settings, and paid subscriptions as necessary for the performance of a contract under Article 6(1)(b) GDPR. We process limited IP address and service-security data under Article 6(1)(f) GDPR to protect the service against abuse, fraud, and unauthorized access.

Data retention

Scan results are retained for the following periods and then deleted automatically:

  • Free tier: 7 days.
  • Starter tier: 30 days.
  • Pro / Agency Pro tier: 90 days.

Scan artifacts such as PDF reports and HAR files are deleted from storage once the retention period expires. Expired scan rows are removed from the database in the same cleanup run. If you delete your account, associated account data and monitor configuration are deleted within 30 days unless a shorter retention period already applies.

Data transfers

Scan data and account data are hosted within the EU, including Hetzner infrastructure in Frankfurt, Germany. Current material sub-processors are Hetzner Online GmbH for hosting and object storage, Stripe for billing and subscription management, and Resend for transactional email delivery.

Payment processing is handled by Stripe. Your payment details are processed directly by Stripe under their own privacy terms. We will update this policy before adding any new material sub-processors that handle customer personal data. We will notify registered users of material changes to this policy by email at least 30 days before the changes take effect.

Account data

If you create an account, we store your email address, hashed password, subscription tier, workspace and monitor configuration, and notification preferences. You can request account deletion at any time from Account Settings. We do not store payment card numbers on our servers.

Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, or object to processing of your personal data, and the right to data portability where applicable. You also have the right to lodge a complaint with a supervisory authority, including the Slovak Office for Personal Data Protection or the authority in your country of residence. Free scans expire automatically under the retention policy above. If you need help with a specific request, contact us below.

Contact

SkuBee s.r.o.
Doležalova 3424/15C
821 04 Bratislava, Slovakia
Company ID (ICO): 57 113 998
Tax ID (DIC): 2122575576
VAT ID: SK2122575576
For data protection enquiries: [email protected]

Privacy Policy — GDPR Privacy Monitor