Privacy Policy

Last updated: June 1, 2026

This Privacy Policy explains how Page Refresh AI (pagerefresh.io) collects, uses, and stores your information when you use our service.

Information We Collect

We collect the minimum data needed to provide the service:

• Email address — collected when you sign in via Google OAuth or magic link.
• URLs you submit — the web page URLs you provide for analysis.
• Usage data — the number of analyses you run per month, used to enforce plan limits.
• Analytics data — aggregate page views, sessions, referrer hosts, device/browser information, and product interaction events used to understand and improve the service.
• First-party event data — privacy-safe events such as CTA clicks, audit starts, audit completions, signup starts, and checkout starts. These events may include page paths, entry sources, plan names, report IDs, and a random local session ID. We do not store submitted page URLs, email addresses, or full referrer URLs in this event log.

We do not collect payment card details directly. Payments are handled by Creem.

How We Use Information

• Authenticate your account and maintain your session.
• Run AI-powered analysis on the URLs you submit.
• Track usage to apply free and paid plan limits.
• Measure traffic sources, page performance, and key product interactions so we can improve Page Refresh AI.
• Send transactional emails (magic link sign-in, plan confirmations).

We do not sell your data or use it for advertising.

Data Storage

Your account data, submitted URLs, and analysis results are stored in Supabase, which is hosted on AWS infrastructure. Data is stored in the us-east-1 region unless otherwise configured. Supabase is SOC 2 compliant.

First-party analytics events are stored in Supabase with row-level security and are written server-side. Browser clients cannot read or write the event table directly.

Third-Party Services

We use the following third-party services to operate Page Refresh AI:

• Supabase — database and authentication (supabase.com).
• OpenRouter / OpenAI — AI model API used to analyze page content. When you submit a URL for analysis, the page content is fetched and sent to an AI model via OpenRouter. This content is subject to OpenRouter's and the underlying model provider's data policies.
• Creem — payment processing for paid plans.
• Vercel — hosting and edge delivery.
• Google Analytics — aggregate website and product usage analytics.
• Vercel Analytics and Speed Insights — aggregate page analytics and performance monitoring.

Cookies

We use session cookies to keep you logged in. We also use analytics technologies from Google Analytics and Vercel to measure aggregate traffic, product usage, and performance. We do not use these tools for advertising, and we do not sell your data.

Data Retention

We retain your account data and analysis history for as long as your account is active. If you delete your account, your data will be removed from our systems within 30 days. URL submissions and analysis results may be retained in logs for up to 90 days for debugging purposes before being purged.

Your Rights

You have the right to:

• Request a copy of the data we hold about you.
• Request deletion of your account and associated data.
• Correct inaccurate information in your account.

To exercise any of these rights, contact us at the address below.

Contact

Questions or requests regarding your data? Email us at support@pagerefresh.io.