Privacy Policy
Last updated: April 30, 2026
This policy explains what data Elevated Stores ("we", "us") collects when you use our service at elevatedstores.dev, why we collect it, and the choices you have. If you have questions, email hi@disputefighter.app.
What we collect
- Account info: the email address and password you provide at sign-up. Passwords are stored hashed by our auth provider (Supabase) — we never see them in plaintext.
- Audit inputs: the store URLs you submit and any options you set on each audit.
- Audit outputs: screenshots and HTML captured from the public pages of the stores you audit, along with the analysis we generate from them.
- Billing info: credit purchases are processed by Stripe. We receive a Stripe customer ID and the metadata of each transaction (amount, status). Card numbers and CVCs go to Stripe directly — they never touch our servers.
- Operational logs: IP address, browser type, and request timing, kept for security and abuse prevention. Retained for up to 30 days.
How we use it
- To run audits you request and show you the results.
- To deliver credits you purchase and process refunds.
- To prevent abuse (rate limiting, fraud detection, disposable email checks).
- To respond to your support emails.
We do not sell your data. We do not use your audit content to train AI models. We do not show ads.
Who we share it with
We use a small set of vendors to operate the service. They process data on our behalf under their own privacy terms:
- Supabase — authentication and database.
- Railway — backend hosting.
- Vercel — frontend hosting.
- Anthropic — the screenshots and URLs you submit are sent to Anthropic's Claude API to generate the audit. Anthropic does not retain this content for training. See Anthropic's privacy policy.
- Stripe — payment processing. Stripe handles all card data under PCI-DSS.
We'll only disclose your data outside this list when required by law (e.g., a valid subpoena) or to protect our rights or yours.
About the stores you audit
When you submit a store URL we visit only the publicly accessible pages of that store, the same as a regular shopper would. We don't bypass logins, paywalls, or robots.txt directives that forbid automated access. Don't submit URLs you don't have permission to audit.
Retention
- Audit screenshots: retained for 14 days, then automatically deleted.
- Audit summaries and scores: retained as long as your account is active so you can revisit history.
- Account data: retained until you delete your account.
- Operational logs: up to 30 days.
- Billing records: retained as long as required by tax and accounting law (typically 7 years).
Your rights
You can request a copy of your data, correct inaccurate information, or delete your account by emailing hi@disputefighter.app. Account deletion removes your audits and personal information; financial records required for tax compliance are retained.
If you're in the EEA or UK, you have additional rights under the GDPR (access, rectification, erasure, portability, objection, restriction, withdrawal of consent). If you're in California, you have rights under the CCPA. Email us to exercise any of these.
Cookies
We set a small number of cookies — strictly the ones needed to keep you signed in and to remember your theme preference. We don't use third-party tracking or advertising cookies.
Security
Data is encrypted in transit (HTTPS) and at rest. Access to production systems is restricted and logged. No system is perfectly secure, so if you discover a vulnerability please report it to hi@disputefighter.app.
Children
Elevated Stores is not directed at children under 13 (or 16 in the EEA), and we don't knowingly collect data from them.
Changes to this policy
We'll update this page when our practices change and bump the "last updated" date at the top. Material changes will be announced by email to active accounts.
Contact
Questions, requests, or concerns: hi@disputefighter.app.