Legal

Privacy Policy

Last updated: May 21, 2026  ·  Effective: May 21, 2026

Limited Use Policy

Devora Ad Scan's use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

Data collected by this extension is used solely to provide the ad policy compliance audit service described in this policy. We do not use your data for advertising, profiling, or any purpose beyond the core functionality of the extension. Data is never sold, transferred, or disclosed to third parties except as required to operate the service (AI analysis provider) or as required by law.

Overview

Devora Ad Scan ("we", "our", or "us") provides an AI-powered ad policy compliance audit platform, including a browser extension and web application designed for publishers and ad operations professionals. This Privacy Policy explains how we collect, use, store, and protect your information.

By using our services — including the web application and the browser extension — you agree to the practices described in this policy.

Data We Collect

Account Information

When you register for an account, we collect:

  • Full name
  • Email address
  • Encrypted password (never stored in plain text)
  • Subscription status

Usage Data

When you use the platform, we automatically collect:

  • URLs of web pages you explicitly submit for audit
  • Audit results, compliance scores, and policy findings
  • Device type, browser type, and operating system
  • IP address (used for security and rate-limiting only)
  • Timestamps of platform interactions

Browser Extension Data Practices

Our browser extension enables one-click page auditing directly from your browser. Below is a precise description of what the extension accesses and what it does not.

What the Extension Accesses

  • Active tab URL and page content — only when you explicitly click "Run Policy Audit." The extension reads the current page's HTML, visible text, and structural elements to perform the compliance check.
  • Page screenshot (Vision Mode only) — when Vision Mode is active, the extension captures a screenshot of the visible area of the current tab and transmits it to our API alongside the page content for visual analysis. No screenshots are taken passively or without your action.
  • Authentication token — stored locally in your browser to authenticate your requests with our API.

What the Extension Does NOT Do

  • Does not run in the background or collect data passively
  • Does not access pages you have not explicitly chosen to audit
  • Does not collect your browsing history
  • Does not inject ads, affiliate links, or third-party scripts into pages
  • Does not access cookies, passwords, or form data
  • Does not sell or share page content with any third party beyond the AI processing described in this policy

Extension Permissions Explained

  • activeTab — reads the URL and content of the current tab only when you interact with the extension
  • scripting — injects an analysis script into the current page to collect structural data (HTML elements, ad slots, layout regions) needed for the compliance audit
  • storage — stores your authentication token, analysis preferences, and cached audit results locally in your browser
  • tabs — allows the side panel to detect when you navigate to a new tab or page, so it can display the correct audit state without requiring manual refresh
  • identity — enables Google Sign-In so you can authenticate using your existing Google account
  • sidePanel — displays the audit interface in the browser's built-in side panel
  • Host permissions (adscan.devoraadops.com) — required to submit page data to our API for analysis

How We Use Your Data

We use the data we collect exclusively to:

  • Provide and operate the audit platform and browser extension
  • Generate AI-powered compliance reports for your submitted pages
  • Track your audit history and usage within your account
  • Detect abuse, fraud, or violations of our Terms of Service
  • Improve the accuracy and reliability of our compliance analysis
  • Respond to support requests

We do not sell your personal data or page content to any third party. We do not use your data for advertising or profiling purposes.

AI Processing

To perform compliance analysis, page content you submit for audit is processed using AI language models provided by OpenAI. The text content and, when Vision Mode is enabled, a screenshot of the page are transmitted to OpenAI's API for analysis.

  • Only pages you explicitly submit are processed
  • OpenAI's API data usage terms restrict training on API inputs
  • We do not submit personally identifiable account information to AI models — only the page content you choose to audit
  • Audit results are stored in our systems and tied to your account

Third-Party Services

We use the following third-party services to operate our platform:

Google Disclaimer

Our service is not affiliated with, endorsed by, or officially connected to Google LLC or any of its products. References to Google Ad Manager™, Google AdSense™, and other Google products are solely descriptive of the compliance context this tool addresses. All Google trademarks are property of Google LLC.

Data Retention

  • Account data — retained while your account is active and for up to 30 days after deletion
  • Audit results — retained for the duration of your subscription; historical results for free-tier accounts may be purged after 90 days of inactivity
  • Usage logs — retained for up to 12 months for security purposes
  • Billing records — retained for 7 years as required by applicable financial regulations

You may request deletion of your account and associated data at any time by contacting us at support@devoraadops.com.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you
  • Rectification — Request correction of inaccurate data
  • Erasure — Request deletion of your personal data
  • Portability — Request a machine-readable export of your data
  • Objection — Object to certain types of processing

To exercise any of these rights, contact us at support@devoraadops.com. We will respond within 30 days.

Security

  • All data transmitted between your browser, extension, and our servers is encrypted using TLS/HTTPS
  • Passwords are hashed using bcrypt and never stored in plain text
  • API authentication tokens are scoped and can be revoked
  • Access to production systems is restricted to authorised personnel

Children's Privacy

Our service is intended for users aged 18 and over. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at support@devoraadops.com.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, registered users will be notified by email before the changes take effect.

Contact Us

For any questions or requests relating to this Privacy Policy or your personal data: