Cookie Policy
Last updated: 2026-06-30
This page lists every cookie set by WebAuditFix, what it does, how long it lasts, and whether it requires your consent under the EU ePrivacy Directive (implemented in Ireland as the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011).
1. Cookies we use
| Name | Purpose | Duration | Type |
|---|---|---|---|
session |
Holds a cross-site request forgery (CSRF) token so the audit form can be submitted safely. Required for the service to work. | Until you close your browser | Strictly necessary, first-party |
2. Cookies we do not use
WebAuditFix does not set, and does not allow third parties to set, any of the following:
- Analytics cookies (no Google Analytics, no Plausible, no Matomo, no anything).
- Advertising or retargeting cookies.
- Social-media tracking pixels.
- Persistent identifiers across visits.
We do not embed third-party scripts on any page of this site, and no third party can read cookies from our domain.
3. Portal subscription — redirect to Stripe
The single-URL audit and the Premium Compliance PDF that accompanies it
are free and do not involve any payment step. Paid plans are sold
through the portal at portal.webauditfix.com
(see the Pricing page) — Starter, Pro, and Founder
subscriptions for managing multiple client sites. When you start a
subscription, or click "Manage billing" inside the portal, your browser
is redirected to Stripe's hosted pages at checkout.stripe.com
or billing.stripe.com. While you are on either Stripe
domain, Stripe may set its own cookies on its own domain for fraud
prevention, session management, and statistical purposes; we have no
ability to read or control those cookies. After checkout (or when you
close the billing portal) Stripe redirects you back to
WebAuditFix — your visit on our domain still uses only
the strictly-necessary session cookie in Section 1.
Stripe's own cookie policy is at stripe.com/cookie-settings; Stripe is the data controller for any data they collect during checkout or in the billing portal.
4. Why there is no consent banner
The Irish ePrivacy Regulations and the EDPB's guidance require consent for storing or accessing information on a user's device unless that storage is strictly necessary to provide a service the user has explicitly requested. The single cookie we set (CSRF protection on the audit form) falls within that strictly-necessary exemption, so no banner is required.
If we ever add a non-essential cookie, we will deploy a consent mechanism and update this page before that cookie is set.
5. Managing or refusing cookies
You can block or delete cookies in your browser settings at any time. If you block our session cookie, the audit form will reject your submission (the CSRF check will fail) — you can still read the rest of the site, but you will not be able to start a scan.
We respect the DNT ("Do Not Track") browser header in the sense
that we have nothing to track regardless of the header's value.
6. Changes to this policy
The "Last updated" date above reflects the most recent revision. Material changes — particularly the introduction of any new cookie — will be reflected here before the change is rolled out.
7. Contact
Questions about cookies on this site: email [email protected].