What this policy covers
FeedScan ("we," "us," "our") operates feedscan.io and provides Google Shopping structured data validation and monitoring services. This policy describes what personal information we collect from site visitors, free scan users, and paid subscribers, how we use that information, and the rights you have regarding it.
From free scan users
When you submit a store URL for scanning, we collect:
- The store URL you submit
- Your IP address (for rate limiting and abuse prevention)
- Basic usage data: pages viewed, scans run, referrer URL, browser user-agent
From paid subscribers
In addition to the above, paid subscribers provide:
- Email address (for monitoring alerts and account communications)
- Payment information — collected and stored exclusively by Stripe; FeedScan never sees, stores, or handles your card number
- Store domain(s) to monitor
- Subscription metadata: signup date, plan type, billing status
From cold outreach recipients
FeedScan may contact ecommerce store owners using business contact information obtained through publicly available sources and third-party enrichment services (Apollo). If you receive an outreach email from us and have not subscribed, you may opt out at any time by clicking the unsubscribe link or by replying with "unsubscribe." Upon opt-out, your email is added to a suppression list and you will not be contacted again.
Automatically collected information
Our email delivery provider, SendGrid, captures standard delivery metrics including open events, click events, and bounce status to monitor deliverability. We do not use this data to build behavioral profiles.
Data is used only to
- Perform the schema scan you requested
- Generate and store your scan report
- Enforce rate limits (5 free scans per day per IP)
- Track aggregate usage statistics (total scans, unique stores)
- Send monitoring alerts if you subscribe to a paid plan
- Process and manage your subscription through Stripe
- Respond to support requests or questions you initiate
- Notify you of material changes to the service or these policies
Public data only
FeedScan only accesses publicly available information: your store's sitemap and product page HTML. We extract structured data (JSON-LD) the same way any search engine crawler would. We do not access private data, admin panels, customer databases, or anything behind authentication.
Scan results contain only information that is already publicly visible on your storefront.
Our commercial email practices
All commercial emails sent by FeedScan, including monitoring alerts and cold outreach, comply with the federal CAN-SPAM Act. Every outreach email includes:
- Clear identification of FeedScan as the sender
- An honest, non-deceptive subject line
- A functioning unsubscribe mechanism
- Our contact email for opt-out requests
Unsubscribe requests are honored within 10 business days. To opt out at any time, click the unsubscribe link in any email or contact scan@feedscan.io.
Who processes data on our behalf
We work with the following providers to operate the service. Each processes data only to the extent necessary to fulfill their function:
- Stripe — payment processing and subscription billing. Privacy Policy
- SendGrid (Twilio) — email delivery for monitoring alerts and outreach. Privacy Policy
- Railway — backend server infrastructure. Privacy Policy
- Netlify — static page hosting. Privacy Policy
We do not authorize any of these providers to use your personal information for their own marketing or advertising purposes.
What cookies we use
FeedScan does not set first-party advertising or tracking cookies. Two types of third-party cookies may be set:
- Stripe.js cookies — set during checkout to enable fraud detection and secure payment sessions. Strictly functional.
- Netlify operational cookies — short-lived session identifiers for load balancing and security. Do not track you across other sites.
We use localStorage for minimal client-side state only (e.g., scan count). We do not run advertising trackers, retargeting pixels, or third-party analytics.
How long we keep your data
Scan reports are stored indefinitely to support shareable report links. Active subscriber records are retained for the life of your subscription. After cancellation, billing records are retained for up to 90 days for reconciliation, after which personal information is deleted.
Opt-out suppression records containing only an email address and opt-out date are retained indefinitely to prevent re-contact. This is required for CAN-SPAM compliance.
You can request deletion of your scan data at any time by emailing us.
This service is not for minors
FeedScan is a B2B service directed exclusively at business professionals. We do not knowingly collect personal information from anyone under the age of 13. If we discover we have inadvertently received such information, we will delete it promptly. Contact scan@feedscan.io if you believe this has occurred.
Requests you can make at any time
- Access — request a copy of the personal data we hold about you
- Correction — request that inaccurate information be corrected
- Deletion — request deletion of your account and associated personal data
- Opt-out — opt out of outreach emails at any time
Submit requests to scan@feedscan.io. We respond within 5 business days.
If FeedScan is acquired or sold
If FeedScan undergoes a merger, acquisition, asset sale, or similar transaction, subscriber information may be transferred to the acquiring entity. We will use commercially reasonable efforts to require the acquiring entity to honor this privacy policy. If a material change in data handling would result, we will notify active subscribers by email prior to that change and provide an opportunity to cancel.
How updates are handled
We may update this Privacy Policy from time to time. The date at the top of this page reflects the most recent revision. For material changes, active subscribers will be notified by email at least 14 days before the changes take effect.