Privacy Policy
Keep the audit useful.
Keep the data footprint small.
Rocket Vitals is designed to scan sites, surface problems, and move on. This policy reflects that operating posture: limited collection, limited retention, and no unnecessary tracking.
Minimal collection
We only gather the data required to run scans, deliver reports, and keep the service operational.
No resale
Rocket Vitals does not sell scan data or personal information to third parties.
Short retention
Finished scan reports are deleted on a rolling basis after about 30 days via an automated job, so the product does not keep more than it needs.
Policy area
What We Collect
Rocket Vitals is built around data minimization. A basic scan can be run without an account, and we only collect personal information when you choose to provide it through sign-up, emailed reports, support requests, or purchases.
- URLs submitted for scanning
- Scan reports and generated findings
- Basic operational analytics such as page views, scan counts, and error rates
- Technical signals required for security and rate limiting, including IP addresses
That keeps the product useful without turning a simple audit into a larger data footprint than the job requires.
Policy area
How We Use Data
Collected data is used only to operate and improve the service.
- Generate, store, and display scan reports
- Improve product reliability and scan quality
- Prevent abuse through rate limiting and operational safeguards
The point is straightforward: run the scan, deliver the report, improve the system, and keep abuse under control.
Retention and cookies
The product is not trying to become a surveillance layer.
Data Retention
Reports are stored temporarily. Completed scans older than about 30 days are removed by an automated deletion job (runs may still be visible until they age out). Database backups may retain encrypted copies for a limited period consistent with our host’s practices. We do not sell your data. Signed-in users can download or delete account data from the Account page.
Cookies
We use cookies and local storage for essential operation (for example sign-in, preferences, and abuse prevention). If you accept the cookie banner, we also load first-party product analytics (PostHog) to measure traffic and performance in aggregate. Those scripts do not run until you accept. If you decline, they are not loaded. You can change your choice anytime via Cookie settings in the site footer. We do not sell personal information. We do not use third-party advertising or cross-site tracking cookies for ad targeting. Error monitoring (Sentry) may receive technical diagnostics on the server and does not use the marketing consent banner; we configure it to avoid sending cookie or auth header contents.
Subprocessors
Depending on how you use the product, data may be processed by: Supabase (PostgreSQL), Postmark (transactional email), Stripe (payments), Sentry (error monitoring), and PostHog (product analytics when you consent). Providers are vetted for security; agreements follow standard terms for each service.
International users
If you are in the EEA, UK, or Switzerland, you may have rights under applicable data protection laws, including to access, correct, delete, or restrict processing of personal data, and to lodge a complaint with a supervisory authority. Signed-in users can export or delete account data from the Account page; other requests can go through the contact channel linked below. Scans run without an account still involve minimal technical processing (such as the URL you submit and IP for rate limiting) as described above.
Cookie table (summary)
| Category | Technology | Purpose |
|---|---|---|
| Essential | Session / auth cookies, local storage | Sign-in, security, preferences, abuse prevention |
| Analytics (optional) | PostHog | Aggregate traffic and performanceLoaded only after you accept the banner |
Contact and updates
Need a clarification, deletion request, or policy question?
Questions about this policy should go directly to the team behind the product. That keeps support, privacy requests, and implementation conversations in one place.
Last updated
April 2026
If the policy changes materially, the updated version will be reflected here.
Privacy contact
Questions about the policy should go to Rocket Park.
For privacy questions, support requests, or anything related to how Rocket Vitals handles submitted data, contact the studio behind the product directly.