Data we process
- Account data (if you create an account): email, password hash, plan and usage metadata.
- Audit data: audited URL, timestamp, scores and report JSON.
- Technical logs: IP address for rate limiting and security (especially for public audits).
Important: Orilyt performs read-only checks. It does not require admin access and does not modify the audited website.
Why we process data
- To provide audit reports and keep an audit history for logged-in users.
- To prevent abuse (rate limiting, fraud prevention, basic security logging).
- To improve reliability (debug logs in development environments).
Legal basis
- Contract performance: to provide the service you request.
- Legitimate interests: fraud prevention and service security.
- Consent: only for optional cookies (see Cookies page).
Data retention
Account and audit history are retained while your account is active, then deleted or anonymized according to applicable requirements.
Security logs (including IP-based rate limiting) are retained for a limited period necessary to prevent abuse.
Sharing and processors
We do not sell personal data. We only share data with service providers required to operate the service (hosting, email, payment, etc.).
- Hosting provider: stores application data and databases.
- Payment provider (if applicable): processes payments and subscriptions.
Replace placeholders in legal.php with your actual provider details.
Your rights
Depending on your jurisdiction, you may have rights to access, rectify, delete, or object to processing, and to data portability.
To exercise your rights, contact: contact@orilyt.com.
Security
We apply reasonable security measures to protect stored data. No system is 100% secure; please use a strong password and keep it confidential.
