Privacy Policy

Last updated: January 5, 2026

1. Introduction

Universal Clarity ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, in compliance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller: Universal Clarity
Contact: [email protected]

2. Information We Collect

2.1 Personal Data You Provide

We collect information that you voluntarily provide to us:

  • Contact Information: Name, email address, company name when you fill out forms or subscribe to our newsletter
  • Account Information: Username, email, authentication data when you create an account
  • Website URLs: URLs you submit for accessibility or cookie scanning
  • Communication Data: Information in messages you send to us

2.2 Automatically Collected Data

  • Usage Data: Pages visited, time spent, click patterns, referral sources
  • Device Information: Browser type, operating system, device identifiers
  • Cookies: See our Cookie Policy for detailed information
  • Log Data: IP address, access times, error logs

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Consent (Article 6(1)(a)): Newsletter subscriptions, optional cookies
  • Contract Performance (Article 6(1)(b)): Providing services you've requested
  • Legitimate Interests (Article 6(1)(f)): Website analytics, security, fraud prevention
  • Legal Obligation (Article 6(1)(c)): Compliance with applicable laws

4. How We Use Your Information

  • Provide, operate, and maintain our accessibility and compliance services
  • Process your requests for website scans and compliance checks
  • Send you newsletters and marketing communications (with your consent)
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve our services
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our terms

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service Providers: Third-party companies that help us operate our services (email delivery, analytics, hosting)
  • Legal Requirements: When required by law, court order, or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party processors are bound by data processing agreements ensuring GDPR compliance.

6. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules where applicable

7. Your Rights Under GDPR

As an EU resident, you have the following rights:

  • Right to Access (Article 15): Request a copy of your personal data
  • Right to Rectification (Article 16): Correct inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing (Article 18): Limit how we use your data
  • Right to Data Portability (Article 20): Receive your data in a structured format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time for consent-based processing
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account Data: Until account deletion or 3 years of inactivity
  • Newsletter Subscriptions: Until you unsubscribe
  • Scan Results: 12 months or until deletion requested
  • Legal Records: As required by applicable laws (typically 7 years)

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Employee training on data protection
  • Incident response procedures

10. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending email notifications for significant changes

12. Contact Us

For questions about this Privacy Policy or to exercise your rights:

Email: [email protected]

Data Protection Officer: [email protected]

Supervisory Authority: You may lodge a complaint with your local data protection authority