Privacy Policy

Last updated: May 22, 2026

The short version

We do not store the vendor name you entered or your individual answers. Only your email address and aggregate score band are retained, to send you the PDF and any opt-in follow-up content you requested.

What this site does and does not collect

aivendoraudit.org is a static informational site with one interactive feature: the six-point diligence survey. The survey runs entirely in your browser. While you are taking it, the following data lives only on your device (in sessionStorage so a refresh does not lose your progress):

• The vendor name you typed (if you typed one — it is optional and skippable)
• Each of your six yes / no / I-don't-know answers
• The current survey step

This data is never transmitted to our server while you are taking the survey. It is cleared from your browser when you complete the email step or when you click “Restart.”

What we collect when you request the PDF

When you submit the email form on the result screen to receive a PDF copy of your audit, our server receives:

• Your email address (required)
• Optional firm name and role/title, if you chose to provide them (these are displayed to you on the form but are not persisted to our database in this version of the site — they are used only to personalize the email itself)
• Your aggregate score band only — one of: “Incomplete information,” “Mixed signals,” or “Strong signals”
• UTM parameters from the link that brought you to the site, if any (used to understand which ads and channels are reaching CPAs effectively)

We do not persist the vendor name you typed. We do not persist your individual answers. We do not log your IP address.

The vendor name and individual answers are used only in-memory to populate the PDF the server sends you, then dropped when the request ends. They are not written to disk, blob storage, or any database.

How long we keep your email

Your email address is retained until you unsubscribe. You can unsubscribe by replying to any email we send with “unsubscribe” in the subject line, or by emailing [email protected].

Third-party processors

We use the following third parties to operate the site:

• Vercel (hosting) — sees standard HTTP request metadata such as IP address for the duration of each request. We do not log this metadata ourselves.
• Supabase (database) — stores the email address, score band, and UTM parameters described above.
• Resend (transactional email) — receives your email address and the PDF in order to deliver the message.

Each of these processors has its own privacy policy. We do not currently use analytics or advertising trackers on this site. If we add Meta Pixel, Google Ads tags, or LinkedIn Insight Tag in a later release, this policy will be updated and the change will be noted in the “Last updated” date at the top.

Cookies

We do not set any cookies on this site for tracking purposes. The survey uses your browser's sessionStorage (not a cookie) only to remember your progress if you refresh the page mid-survey. sessionStorage is cleared automatically when you close the tab.

Your rights (GDPR, CCPA)

You have the right to access, correct, or delete any personal data we hold about you (which, in this version of the site, is limited to your email address and score band). To exercise any of these rights, email [email protected]. We will respond within 30 days.

California residents have additional rights under the CCPA, including the right to know what categories of personal information we collect, the right to opt out of any sale or sharing of that information (we do not sell or share personal information), and the right to non-discrimination for exercising these rights.

Contact

aivendoraudit.org is operated by MDN Solutions LLC, a Wyoming limited liability company. For any privacy question, email [email protected].