Privacy policy

Last updated: June 9, 2026

Introduction

SimpleAIO ("we", "our", "the service") is operated by John MacLeod, a sole proprietor based in Sarnia, Ontario, Canada. This policy explains what information we collect, how we use it, and your rights. By using SimpleAIO you agree to this policy.

Information we collect

Email address — collected at signup and used for authentication, transactional emails, and (if you opt in) our newsletter.
Website URLs — the domain you submit for auditing. We store your audit history so you can track your score over time.
Payment information — we use Stripe to process payments. We never see or store your card details. Stripe's privacy policy applies to payment data.
Usage data — audit counts, plan status, and feature usage. Used to enforce plan limits and improve the service.
Session tokens — stored as cookies to keep you logged in. These expire automatically.

How we use your information

We use the information above to: provide and operate the service, send you audit results and account notifications, enforce your plan limits, improve the product, and (with your consent) send our newsletter. We do not sell your data. We do not share it with third parties except as described in this policy.

Third-party services

We use the following services to operate SimpleAIO:

Stripe — payment processing (stripe.com/privacy)
Supabase — database and authentication (supabase.com/privacy)
Resend — transactional email delivery (resend.com/privacy)
Beehiiv — newsletter platform (beehiiv.com/privacy) — only if you subscribe to our newsletter
PDFMonkey — PDF report generation (pdfmonkey.io/privacy)

Each service has its own privacy policy. We recommend reading them if you want to understand how your data is handled end-to-end.

Data retention

We keep your account data for as long as your account is active. Audit results are retained indefinitely so you can track your score over time. If you delete your account, we delete your personal data within 30 days. Some data may be retained longer where required by law.

Your rights

You have the right to access, correct, or delete your personal data. To exercise any of these rights, email [email protected]. We will respond within 30 days.

Cookies

We use session cookies to keep you logged in. We do not use tracking cookies or third-party advertising cookies.

Security

We use industry-standard security practices including encrypted connections (HTTPS), hashed passwords, and access controls. No system is perfectly secure — if you discover a vulnerability, please contact [email protected].

Changes to this policy

We may update this policy from time to time. We will notify you by email if changes are material. The "last updated" date at the top of this page reflects the most recent revision.

Contact

Questions about this policy? Email [email protected].