Privacy Policy

Last updated: March 12, 2026

1. Introduction

Welcome to CoverTest Pro ("we", "our", "the Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website covertestpro.com and our Chrome browser extension.

Please read this Privacy Policy carefully. By using the Service, you agree to the practices described in this policy.

Contact for privacy matters: privacy@covertestpro.com

2. Information We Collect

2.1 Information provided directly

When you use our Service, we may collect:

  • Account information: Name, email address, profile picture (obtained through Google OAuth during registration)
  • Payment information: Payments are processed entirely by LemonSqueezy. We do not collect or store credit card numbers or bank details on our servers
  • Newsletter email: Email address provided voluntarily to receive newsletters, product updates, and promotional communications

2.2 Information collected automatically

When you access our Service, we automatically collect:

  • Usage data: Information about how you use the Service, including features used (covers tested, tests executed, projects created)
  • License information: License key, device ID, device name, activation status
  • Log data: IP address, browser type, pages visited, date and time of access

2.3 Chrome Extension

Our Chrome extension DOES NOT collect any personal data, files, browsing history, or other data from your browser.

The extension communicates exclusively with our servers to:

  • Verify license validity
  • Synchronize license status

The only data transmitted is the license key and the email associated with the account for authentication.

3. How We Use Your Information

We use the information collected to:

  • Provide the Service: Manage your account, process transactions, provide customer support
  • Manage licenses and purchases: Verify license status, activate/deactivate devices
  • Improve the Service: Analyze usage to improve features and performance
  • Communications: Send you important updates about the Service, changes to terms, technical communications
  • Newsletter and promotions: Send newsletters, product updates, and promotional communications to users who have explicitly subscribed. You can unsubscribe at any time via the link included in every email
  • Security: Detect, prevent, and address technical or security issues
  • Legal compliance: Comply with applicable legal obligations

4. Third-Party Services

We use the following third-party services that may collect information:

4.1 LemonSqueezy (Payment Processing)

  • Purpose: Payment processing, order management
  • Data shared: Email, name, order information
  • Privacy Policy: lemonsqueezy.com/privacy

4.2 Google Analytics

  • Purpose: Web traffic analysis and user behavior
  • Data collected: Pages visited, session duration, anonymous demographics, device type
  • Legal basis: User consent (art. 6(1)(a) GDPR)
  • Privacy Policy: policies.google.com/privacy

4.3 Supabase (Database)

  • Purpose: Secure data storage
  • Data stored: All account and usage data
  • Privacy Policy: supabase.com/privacy

4.4 Vercel (Hosting)

4.5 Google OAuth (Authentication)

  • Purpose: Secure user authentication
  • Data received: Name, email, profile picture from your Google account
  • Privacy Policy: policies.google.com/privacy

4.6 PostHog (Product Analytics)

  • Purpose: User behavior analysis, product improvement, feature monitoring
  • Data collected: Interaction events (clicks, navigation, feature usage), device and browser information, IP address (anonymized), session duration, pages visited
  • Legal basis: User consent (art. 6(1)(a) GDPR)
  • Cookies and identifiers: PostHog uses first-party cookies and local storage to identify user sessions and improve analytics experience
  • Data retention: Data is stored on PostHog servers (with EU hosting option for GDPR compliance)
  • Opt-out: You can disable PostHog tracking by contacting us at privacy@covertestpro.com or using browser extensions that block trackers
  • Privacy Policy: posthog.com/privacy

5. Information Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes.

We may share your information only in the following cases:

  • Service providers: With the providers listed in Section 4, exclusively to provide the Service
  • Legal compliance: If required by law or to respond to valid legal proceedings
  • Protection of rights: To protect our rights, privacy, security, or property
  • Business transactions: In case of merger, acquisition, or asset sale (with prior notice)

6. Newsletter and Email Communications

We offer a newsletter service that you can subscribe to voluntarily. Subscription is based on your explicit consent (Art. 6(1)(a) GDPR), provided when you submit your email address through our newsletter subscription form.

Purpose of the newsletter:

  • Product updates and new feature announcements for CoverTest Pro
  • Tips and best practices for using the Service
  • Promotional offers and discounts
  • Important service announcements
We will never sell, rent, or share your email address with third parties for marketing purposes.

Opt-out:

You can unsubscribe from our newsletter at any time by clicking the unsubscribe link included in every email we send, or by contacting us at privacy@covertestpro.com. Upon unsubscription, we will promptly stop sending you newsletter communications.

Frequency and commitment:

We commit to sending communications at a reasonable frequency and will not spam your inbox.

Independence from user account:

Newsletter subscription is independent from your CoverTest Pro user account. You can subscribe to the newsletter without having an account, and having an account does not automatically subscribe you to the newsletter.

7. Data Retention

We retain your personal information for as long as necessary to:

  • Provide the Service while you maintain an active account
  • Comply with legal and accounting obligations
  • Resolve disputes and enforce our agreements

Specific retention periods:

  • Account data: Until account deletion
  • Payment/billing data: 10 years (tax obligations)
  • System logs: 90 days
  • Newsletter subscription data: Until unsubscription request
  • Aggregated usage data: Indefinitely (anonymized)

8. Data Security

We implement technical and organizational security measures to protect your data:

  • Encryption in transit: All communications occur via HTTPS/TLS
  • Encryption at rest: Sensitive data is encrypted in the database
  • Limited access: Only authorized personnel have access to personal data
  • Monitoring: Intrusion detection systems and audit logs

No method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

9. Your Rights (GDPR - EU/EEA Residents)

If you reside in the European Union or European Economic Area, you have the following rights:

RightDescription
AccessRequest a copy of your personal data
RectificationCorrect inaccurate or incomplete data
ErasureRequest deletion of your data ("right to be forgotten")
RestrictionRestrict processing of your data
PortabilityReceive your data in structured and readable format
ObjectionObject to processing for legitimate reasons
Withdraw consentWithdraw consent at any time

Legal basis for processing:

  • Contract performance: To provide the purchased Service
  • Consent: For marketing communications (if applicable)
  • Legitimate interest: To improve the Service and prevent fraud
  • Legal obligation: For tax and regulatory compliance

To exercise your rights, contact us at: privacy@covertestpro.com

We will respond within 30 days of receiving the request.

10. International Transfers

Your data may be transferred and stored on servers located outside your country of residence. In particular:

  • Vercel (Hosting): United States
  • Supabase (Database): United States or European Union (depending on configuration)
  • Google Analytics: United States
  • PostHog: United States or European Union (depending on configuration)
  • LemonSqueezy: United States

For transfers from the EU/EEA to third countries, we rely on:

  • Standard Contractual Clauses (SCC) approved by the European Commission
  • EU-US Data Privacy Framework (for certified providers)
  • Providers offering EU hosting options when available

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential cookies: Necessary for site operation (authentication, preferences) - do not require consent
  • Analytics cookies: To analyze site usage (Google Analytics, PostHog) - require your consent

11.1 Cookie consent

Upon first access to the site, you will be shown a cookie management banner. Analytics cookies (Google Analytics, PostHog) are only activated after obtaining your explicit consent. You can modify your preferences at any time.

11.2 Legal basis for analytics cookies

The processing of data through analytics cookies is based on user consent (art. 6(1)(a) GDPR). You have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

11.3 Cookie management

You can manage cookie preferences through:

  • The cookie management banner/panel on our site
  • Your browser settings
  • Provider-specific opt-out tools (Google, PostHog)

Disabling essential cookies may compromise some Service functionalities.

12. Minors

Our Service is not intended for persons under the age of 16. We do not knowingly collect personal data from minors. If we become aware of having collected data from a minor, we will delete it promptly.

13. Chrome Extension - Chrome Web Store Compliance

13.1 Limited Use Declaration

The use of information received from Google APIs will comply with the Chrome Web Store User Data Policy, including Limited Use requirements.

13.2 Extension permissions

The extension requires the following permissions:

PermissionReason
storageTo locally save user preferences and session state
activeTabTo interact with the current page when the user activates the extension

13.3 Communication with external servers

The extension communicates with our servers (api.covertestpro.com) exclusively to:

  • Verify license validity
  • Synchronize license status

Data transmitted:

  • License key
  • Email associated with the account (for authentication)

Data NOT collected by the extension:

  • Browsing history
  • Content of visited web pages
  • Local files
  • Data from other websites
  • Personal information beyond those listed above

13.4 Local storage

The extension stores locally in the browser (chrome.storage.local):

  • User preferences
  • Session token (encrypted)
  • License status cache

This data remains on your device and is not transmitted to our servers.

14. Changes to this Policy

We may update this Privacy Policy periodically. In case of substantial changes:

  • We will post the new policy on this page
  • We will update the "Last updated" date
  • We will notify you via email for significant changes

We recommend reviewing this policy periodically.

15. Contact

For questions or requests related to this Privacy Policy:

Email: privacy@covertestpro.com

Response time: We are committed to responding within 30 business days.

16. Supervisory Authority

If you believe that the processing of your data violates GDPR, you have the right to file a complaint with the supervisory authority of your country of residence.

For Italy: Garante per la Protezione dei Dati Personali

This Privacy Policy has been drafted in compliance with Regulation (EU) 2016/679 (GDPR) and Italian data protection regulations.