Privacy Policy

Content you submit for a check. When you paste text, a link, a phone number, or upload an image, we send it to our analysis providers to generate a verdict. We do not store the raw content of your checks. We retain only the resulting verdict metadata — for example the risk level, a short summary, and the type of content checked.

Account information. If you create an account, our authentication provider (Clerk) stores your email address and sign-in details. We never see or store your password.

Payment information. Paid plans are handled by Stripe. Stripe processes your card details directly — we never receive or store your full card number. We keep a record of your subscription status and plan.

Usage and technical data. We record limited data such as your IP address (used to enforce free-tier rate limits and prevent abuse), the number of checks performed, and basic request logs.

Community reports. If you flag something as a scam or leave a comment, we store the text you submit and a one-way reference derived from your IP to prevent spam. Comments are public.

• To analyse the content you submit and return a scam verdict.
• To enforce usage limits and prevent abuse of the service.
• To manage your account and subscription.
• To maintain a community scam database that warns other users about numbers and websites reported as fraudulent.
• To improve the accuracy and reliability of our checks.

We use trusted third-party processors to run the service. The content of a check may be sent to one or more of these depending on what you submit:

• Anthropic (Claude AI) — analyses submitted content to produce a verdict.
• Clerk — account authentication.
• Stripe — subscription payments.
• Supabase — database hosting (verdict metadata, community reports, subscription status).
• Vercel — application hosting and request logs.
• Google (Safe Browsing, Cloud Vision) — link reputation and reverse-image checks.
• Sightengine — AI-generated / deepfake image detection.
• Public registers (Companies House, FCA) and threat databases (URLhaus) for company and link verification.

We do not sell your personal data. We only share it as needed to provide the service or where required by law.

Raw check content is not retained beyond the time needed to produce a verdict. Verdict metadata, community reports, and account/subscription records are kept for as long as your account is active or as needed to provide the service and meet legal obligations. You can ask us to delete your account data at any time.

Under UK GDPR you have the right to access, correct, or delete your personal data, to object to or restrict processing, and to data portability. To exercise any of these rights, contact us at support@guardurai.com. You also have the right to complain to the UK Information Commissioner’s Office (ICO).

We use essential cookies to keep you signed in and to operate the service. We do not use advertising cookies for tracking across other websites. If we introduce advertising on the free tier in future, we will update this policy and request consent where required.

Guardurai is not intended for children under 13, and we do not knowingly collect their data.

We may update this policy from time to time. Material changes will be reflected by the “last updated” date above.

Questions about this policy or your data? Email us at support@guardurai.com.