Your Privacy Choices
How AuditBuffet handles your personal information, the choices you have under California (CCPA/CPRA) and EU (GDPR) law, and the controls you already have at hand.
We do not sell or share your personal information
AuditBuffet does not “sell” or “share” your personal information as those terms are defined by CCPA §1798.140(ad)(1) (sale) and §1798.140(ah) (share for cross-context behavioral advertising). We do not run cross-context behavioral advertising, do not exchange your data for monetary or other consideration, and do not pass your identity to third-party data brokers.
Because we do not sell or share, the “Do Not Sell or Share My Personal Information” link required by CCPA §1798.135 does not strictly apply to us. We surface this page anyway so you have a single place to see your choices.
What we collect (and what we don’t)
When you create an AuditBuffet account, we store: the email address you signed up with, an optional display name and avatar, your subscription state, and any audit telemetry JSON you choose to submit. The audit telemetry contains only structural patterns and pass/fail outcomes — never source code, file contents, environment variables, API keys, or URLs. Stripe holds payment information separately; we never see card numbers.
When you visit the marketing site, we use Vercel Analytics and Vercel Speed Insights for aggregate page-view and performance metrics. Both are cookieless and do not transmit personal identifiers. We honor the global privacy control signal (Sec-GPC: 1) and the older Do-Not-Track signal — if your browser sends either, the analytics SDKs do not initialize for your session.
Your controls
- Cookie preferences. The cookie consent banner gates analytics initialization. You can re-open the banner at any time to change your selection — we store your choice in localStorage so it persists until you clear it.
- Download your data. Sign in and visit Settings → Danger zone → Download. You will receive a JSON archive containing your profile, projects, audit submissions, and scoring history (GDPR Art. 20).
- Delete your account. Same place. Confirmation requires typing an exact phrase to prevent accidents. Submissions you have made are anonymized rather than deleted (the structural pass/fail patterns feed our public benchmarks under the GDPR Art. 17(3)(d) statistical-purposes basis); everything personally identifying about you is removed within 24 hours. The underlying authentication record is permanently deleted after the 90-day chargeback window (per Stripe billing best practice).
- Object to specific processing. Under GDPR Art. 21 you can ask us to exclude your submissions from our public benchmark percentile calculations without deleting your account. Send the request to privacy@auditbuffet.com; we’ll process it within 30 days.
- Right to know & right of access. CCPA §1798.110 and GDPR Art. 15 give you the right to know what personal information we hold about you. The data export above satisfies both. For categories of information, sources, and business purposes, see our privacy policy.
- Manual or assisted requests. If you can’t self-serve (account locked, you’re not the account holder but represent one, etc.), email privacy@auditbuffet.com. We commit to acting on requests within 30 days (GDPR Art. 12.3 / CCPA §1798.130).
Global Privacy Control (GPC) and Do-Not-Track (DNT)
If your browser transmits the Sec-GPC: 1 header or sets navigator.globalPrivacyControl = true, we treat that as a request to opt out of any future processing that could be considered “sale” or “share” under CCPA/CPRA — even though we don’t do either today. We also treat DNT (DNT: 1) the same way. Practically: the analytics SDKs don’t initialize for your session.
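The gating logic described above, as an added illustration that is not AuditBuffet's own code: analytics may initialize only when no opt-out signal is present and the visitor's stored consent is explicitly granted. The storage key name `cookie-consent`, the `{ analytics: true }` shape of the stored choice, the function names, and the in-memory storage stand-in are assumptions made for this example; the only facts taken from the page are the signals checked (`Sec-GPC: 1`, `navigator.globalPrivacyControl`, `DNT: 1`) and the rule that they override consent.

```javascript
// Added example, not AuditBuffet's code. Decides whether a cookieless
// analytics SDK may initialize for a session. Assumed: the consent banner
// stores JSON like {"analytics":true} under the key below in localStorage.
const STORAGE_KEY = 'cookie-consent'; // assumed key name

// Browser-side signals. Browsers expose navigator.globalPrivacyControl === true
// when they send "Sec-GPC: 1"; the legacy DNT signal is navigator.doNotTrack === '1'.
function hasOptOutSignal(nav) {
  if (!nav) return false;
  if (nav.globalPrivacyControl === true) return true;
  if (nav.doNotTrack === '1') return true;
  return false;
}

// Reads the stored choice. Missing, malformed or blocked storage is treated as
// "unknown", which the caller must treat as not consented (fail closed).
function readConsent(storage) {
  try {
    const raw = storage.getItem(STORAGE_KEY);
    if (raw === null) return 'unknown';
    const parsed = JSON.parse(raw);
    return parsed && parsed.analytics === true ? 'granted' : 'denied';
  } catch (e) {
    return 'unknown';
  }
}

// Privacy signals win over a stored "granted" choice; anything short of an
// explicit grant means the SDK stays uninitialized.
function shouldInitAnalytics(nav, storage) {
  if (hasOptOutSignal(nav)) return false;
  return readConsent(storage) === 'granted';
}

// Server-side counterpart: the same decision made from lower-cased request
// headers, so a page can be rendered without the analytics snippet at all.
function optOutFromHeaders(headers) {
  return headers['sec-gpc'] === '1' || headers['dnt'] === '1';
}

// Constructed stand-in for window.localStorage so the example runs in Node.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

// Usage: in a browser this would be shouldInitAnalytics(navigator, localStorage).
const demoStorage = new MemoryStorage();
demoStorage.setItem(STORAGE_KEY, JSON.stringify({ analytics: true }));
console.log('consented, no signal :', shouldInitAnalytics({}, demoStorage));
console.log('consented, GPC set   :', shouldInitAnalytics({ globalPrivacyControl: true }, demoStorage));
```

The order of the two checks is the point: evaluating the signal before the stored consent means a visitor who clicked "accept" months ago and later enabled GPC is still opted out without having to find the banner again.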
Last updated: 2026-04-26.