Plain-language privacy for a website built on trust.

1. Introduction

Lightly Coded is committed to protecting visitor and account privacy.

Lightly Coded ("we," "us," or "our") is committed to protecting the privacy of visitors to lightlycoded.com and the people who create accounts to use our audit platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Information we collect

The information depends on how you use the site.

Information you provide

• Contact information such as name and email address.
• Optional details such as company name and phone number.
• Messages, business goals, website URLs, keywords, or audit details you submit.

Information collected automatically

• Usage data such as pages visited, referral source, time on site, and CTA interactions.
• Device data such as browser type, operating system, and approximate screen size.
• Cookie preferences and analytics settings — see our Cookie Notice for the full list and how to control them.

Account and audit-platform information

• Your email address (your only login identifier) and an optional display name.
• Passwordless "magic link" sign-in tokens and session records (including the IP and browser used to create a session) to keep your account secure.
• Audit reports, saved audit history, the business details you enter, credits, and a payment reference for purchases. We never receive or store your full card number.

3. How we use your information

Data is used to provide the thing you asked for.

• To prepare and deliver the free or paid audits you request.
• To create, operate, and secure your account.
• To store your audit history and process audit-credit purchases.
• To respond to forms, emails, and support requests.
• To understand how the site performs and improve its conversion paths.
• To comply with any applicable legal obligation.

Your contact information is never used for unrelated marketing, never sold, and never rented.

4. Data sharing and disclosure

Only the service providers needed to run the site are involved.

• XyrenMail: delivers contact-form and audit-request submissions to Lightly Coded.
• Google Analytics & Vercel Analytics: process anonymous usage data so we can understand how the site is used.
• Vercel: hosts the site and may log basic request metadata to operate the service.
• Stripe: processes audit-credit payments under its own privacy policy; we receive only a confirmation and a payment reference, never your full card number.
• Audit service: our own service fetches and analyzes the site (and any connected Search Console data) for the audit being run.
• Legal requirements: disclosure may occur when required by law, a valid court order, or a regulatory authority.

We do not sell your personal information or share it with advertisers, data brokers, or marketing networks.

5. Google Search Console data

Search Console access is read-only and used only for requested audits.

If you connect Google Search Console to run an in-depth audit, we access a limited amount of Google user data through Google's APIs, solely to produce the audit you request.

• What we access: read-only Search Console data (the verified properties you choose, plus impressions, clicks, and queries). We request only the read-only scope and cannot change your Search Console account.
• Why: only to generate the audit you asked for. Google user data is used for no other purpose.
• How it's stored: your authorization is held in encrypted form by our audit service and used only to fetch the data needed for your audits.
• Your control: disconnect Search Console or delete your account at any time to end our access.
• Sharing: Google user data is never sold, transferred, or used for advertising.

Lightly Coded's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

6. Data retention

Information is kept only as long as there's a business or legal reason.

Contact and audit submissions are kept only as long as needed to deliver the audit, respond to your enquiry, and complete related follow-up, then removed. You can ask us to delete a submission at any time.

Account details, sessions, audit history, and credit records are retained while your account is active; you can delete your account from settings at any time. Audit reports already produced may be retained by our audit service — email privacy@lightlycoded.com to have those removed too. Limited transaction records may be retained where required for legal, tax, or accounting purposes.

8. Security measures

Security is handled with standard protection practices.

We use HTTPS encryption in transit, platform-level hosting security on Vercel, restricted access to submissions, and passwordless sign-in to reduce password-storage risk. No method of internet transmission or storage can be guaranteed 100% secure.

9–10. Children and policy updates

This site is directed to businesses, not children.

Our services are intended for businesses and the people who run them, not individuals under 18. If you believe a child's personal information has been submitted, email privacy@lightlycoded.comand we'll delete it. Updates to this policy will appear on this page with a new "Last updated" date.