{web reveal}

Privacy Policy

Last updated: April 12, 2026

1. Information We Collect

Web Reveal collects minimal information necessary to provide our technology detection service:

  • URLs of websites you scan
  • Technology detection results derived solely from publicly accessible HTTP responses (HTML content, HTTP response headers, and DNS records)
  • Basic usage statistics

We do not collect, access, or store any content from password-protected pages, server-side source code, configuration files, database contents, or any other information that is not part of a website's public HTTP response.

2. How We Use Your Information

We use the collected information to:

  • Provide and improve our technology detection service
  • Store scan history for your convenience
  • Analyze usage patterns to enhance our algorithms

3. GDPR and UK GDPR Legal Bases

Where the EU GDPR or UK GDPR applies, Web Reveal relies on the following lawful bases under Article 6(1):

  • Performance of a contract (Art. 6(1)(b)): to provide your account, process scan requests, and deliver report features you request.
  • Legitimate interests (Art. 6(1)(f)): to secure the service, prevent abuse, improve detection quality, and maintain service reliability.
  • Legal obligation (Art. 6(1)(c)): to comply with applicable legal, tax, accounting, and law-enforcement obligations.
  • Consent (Art. 6(1)(a)): for optional non-essential cookies and related advertising/personalisation processing, where required by law.

4. Data Storage

Your account scan history is stored securely and is only accessible to your authenticated account.

For scans of eligible root domains, Web Reveal may publish a public report page that lists detected technologies for that domain. Public reports do not include user account identifiers and do not expose raw detection evidence by default.

5. Cookies

We use cookies to maintain your session and improve user experience. These include:

  • Essential cookies: Required for the service to function correctly (e.g., session management).
  • Analytics cookies: Used by Google Analytics to help us understand how visitors use our site.
  • Advertising cookies: Used by Google AdSense and its partners to serve personalised advertisements based on your interests. These include the DoubleClick DART cookie, which Google uses to serve ads across websites you visit.

You can opt out of personalised advertising by visiting Google's Ad Settings, or by visiting AboutAds.info. You can also disable cookies in your browser settings, though this may affect some site functionality.

6. Chrome Extension Privacy

Our Chrome extension performs technology detection locally in your browser session and does not transmit page source, headers, cookies, or detection evidence to Web Reveal servers.

  • Page access: Needed only to analyze the active page's publicly available HTML/assets and response headers for technology detection.
  • Local storage: The extension stores lightweight preferences (for example, popup open count and review-prompt dismissal state) on your device via Chrome storage.
  • No sale of extension data: We do not sell extension-derived data, and we do not use extension content for advertising profiling.

7. Third-Party Advertising

We use Google AdSense to display advertisements on our site. Google, as a third-party vendor, uses cookies to serve ads based on your prior visits to this and other websites. Google's use of advertising cookies enables it and its partners to serve ads based on your visit to our site and/or other sites on the internet.

  • Google's use of the DoubleClick DART cookie enables it to serve ads to users based on their visit to our site and other sites on the internet.
  • Users may opt out of the use of the DART cookie by visiting the Google advertising privacy policy.
  • Third-party vendors, including Google, use cookies to serve ads based on a user's prior visits to our website or other websites.
  • For more information about how Google uses data when you use our site, please visit Google's Privacy Policy.

8. Your Rights and Data Subject Request Workflow

Depending on your jurisdiction, including the EEA and UK, you may have rights to access, rectify, erase, restrict, object to processing, and data portability. You may also have the right to withdraw consent at any time where processing is based on consent.

  • Submit requests to privacy@webreveal.io with the request type and sufficient details to locate relevant records.
  • We verify requester identity before actioning rights requests, which may include confirming account control or domain-authority evidence where relevant.
  • We acknowledge requests within 7 calendar days and aim to complete requests within 30 days. If an extension is legally permitted, we will notify you with reasons and revised timing.
  • You may lodge a complaint with your local supervisory authority (including an EU authority or the UK ICO, as applicable) if you believe your rights were not handled correctly.

9. Controller/Processor Roles and DPA

For most direct users of Web Reveal, we act as an independent data controller for account, billing, security, analytics, and product operations.

Where we process personal data on behalf of a business customer under a written contract, we act as a processor for that scoped processing and the customer remains the controller.

Business customers needing a Data Processing Agreement (DPA) can request one at legal@webreveal.io. We provide DPA terms covering processing scope, security, subprocessors, and international transfer safeguards where required.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@webreveal.io