Privacy Policy

1. Introduction

This Privacy Policy explains how Clone Detector (“we”, “us”, “our”), a service operated by Essential AI Ltd, collects, uses, discloses, and safeguards your personal information when you use our website and domain clone detection services.

We respect your privacy and are committed to protecting your personal data. Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and password when you register for an account
• Billing Information: Payment card details (processed securely by Stripe), billing address, and transaction history
• Domain Information: Domains you submit for scanning and monitoring
• Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, scan history, and service interactions
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, referring URLs
• Cookies: Essential and analytics cookies (see Section 8)

2.3 Scan Results Data

When you initiate domain scans, we collect publicly available information about potential clone domains, including:

• Domain registration data (WHOIS records)
• DNS configurations
• SSL/TLS certificate information
• Publicly accessible website screenshots
• Page content and metadata

This data relates to third-party domains, not your personal information, and is collected from publicly available sources.

3. How We Use Your Information

Purpose	Legal Basis
Provide and maintain our services	Contract performance
Process payments and billing	Contract performance
Send service notifications and alerts	Contract performance
Respond to support requests	Contract performance / Legitimate interests
Improve and develop our services	Legitimate interests
Ensure security and prevent fraud	Legitimate interests / Legal obligation
Comply with legal requirements	Legal obligation
Send marketing communications (with consent)	Consent

4. Data Sharing

We do not sell your personal data. We may share your information with:

• Payment Processors: Stripe processes payments on our behalf and is PCI-DSS compliant
• Cloud Infrastructure: Amazon Web Services (AWS) hosts our services within the EU/UK region
• Email Services: For transactional emails and notifications
• Analytics Providers: Google Analytics for anonymised usage statistics
• Legal Requirements: When required by law, court order, or government request

All third-party processors are bound by data processing agreements and are required to protect your data in accordance with UK GDPR.

5. International Data Transfers

Your data is primarily stored and processed within the United Kingdom and European Economic Area (EEA). Where transfers outside these regions are necessary (e.g., certain cloud services), we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the UK ICO
• Adequacy decisions where applicable
• Binding corporate rules of service providers

6. Data Retention

• Account Data: Retained while your account is active and for 30 days after account deletion
• Scan Results: Retained indefinitely as they contain publicly available information (user association removed upon account deletion)
• Billing Records: Retained for 7 years to comply with UK tax and accounting requirements
• Support Communications: Retained for 2 years after resolution
• Log Data: Retained for 90 days for security purposes

7. Your Rights

Under UK GDPR, you have the following rights:

To exercise any of these rights, please contact us using the details below. We will respond within one month of receiving your request.

8. Cookies

We use cookies and similar technologies to:

• Essential Cookies: Enable core functionality such as authentication and security
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Understand how you use our services (Google Analytics)

You can control cookies through your browser settings. Disabling essential cookies may affect service functionality.

9. Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Secure password hashing (bcrypt)
• Regular security assessments and monitoring
• Access controls and authentication requirements
• Employee training on data protection

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. Children’s Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our website. We encourage you to review this policy periodically.

12. Complaints

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

• Website: ico.org.uk
• Telephone: 0303 123 1113