Privacy Policy
Last updated: February 25, 2026
Introduction
MoralScan is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding your personal information.
What We Collect
We collect minimal data to provide our service:
- Email address: Used for account authentication and important service updates
- Selected principles: Your chosen ethical values (e.g., Climate Action, Fair Labor) are stored in our database to personalize brand scores
- Scan history: We track the number of brand scans you perform to enforce daily limits (10 scans for free users, unlimited for premium subscribers)
- Anonymous usage analytics: We use Google Analytics to understand general usage patterns (e.g., most-visited pages, traffic sources). No personally identifiable information is sent to Google Analytics.
What We Don't Collect
Your privacy matters. We deliberately do not collect:
- Browsing history: We don't track what websites you visit or what products you view
- Purchase data: We don't monitor your shopping activity or purchases
- Payment information: All payment processing is handled securely by Stripe. We never see or store your credit card details
Chrome Extension Privacy
Our Chrome extension is designed with privacy in mind:
- The extension reads the current page URL only to identify brand names on shopping websites
- We do not track your browsing history or store the URLs you visit
- The only data sent to our API is the brand name for scoring — no personal information, no page content, no browsing patterns
- Your selected principles are stored locally in the extension and synced to your account when logged in
The extension uses browser local storage to cache your selected principles and daily scan count. This data stays on your device and is not transmitted to our servers unless you are logged in, in which case your principles are synced to your account.
Data Storage
Your account data is securely stored using Supabase, a database provider hosted in the European Union. All data is linked to your authenticated account and protected with industry-standard security measures.
Cookies
We use the following types of cookies:
- Essential cookies: Authentication session cookies provided by Supabase to keep you logged in. These are always active and do not require consent. Retained until you log out or for up to 7 days.
- Analytics cookies: With your consent, we use Google Analytics (via Google Tag Manager) to understand how visitors use MoralScan — such as which pages are most popular and how users navigate the site. Retained for up to 2 years.
- Marketing cookies: With your consent, we may use marketing cookies to measure the effectiveness of our advertising campaigns. Retained for up to 90 days.
You can change your cookie preferences at any time by clicking the cookie icon in the bottom corner of any page, or by clearing your browser cookies.
Third-Party Services
To provide MoralScan, we work with the following trusted third parties:
- Supabase: Authentication and database hosting (EU-hosted)
- OpenRouter API: AI-powered brand scoring. Only brand names are sent to the API — no user data or personal information
- Vercel: Website hosting and infrastructure
- Stripe: Payment processing for premium subscriptions (handles all payment data securely)
- Google Analytics: Website analytics to understand usage patterns (with your consent)
- Google Tag Manager: Tag management for analytics and marketing tools (with your consent)
- CookieYes: Cookie consent management to comply with GDPR and other privacy regulations
Your Rights
You have full control over your data:
- Delete your account: You can permanently delete your account and all associated data at any time from your dashboard
- Export your data: Request a copy of all data we hold about you by contacting us
- Update preferences: Change your selected principles, email, or subscription settings anytime
GDPR Compliance
We serve users in the European Union and comply with the General Data Protection Regulation (GDPR). You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct any inaccurate data we hold
- Erasure: Request deletion of your data ("right to be forgotten")
- Data portability: Receive your data in a structured, machine-readable format
- Object: Object to processing of your personal data
- Withdraw consent: Withdraw consent at any time (does not affect prior processing)
Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. Continued use of MoralScan after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this privacy policy or want to exercise your data rights, contact us at hello@moralscan.com.