WebAuditFix.
Standards Examples Case studies Pricing Login

Cookie Policy

Last updated: 2026-06-30

This page lists every cookie set by WebAuditFix, what it does, how long it lasts, and whether it requires your consent under the EU ePrivacy Directive (implemented in Ireland as the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011).

1. Cookies we use

NamePurposeDurationType
session Holds a cross-site request forgery (CSRF) token so the audit form can be submitted safely. Required for the service to work. Until you close your browser Strictly necessary, first-party

2. Cookies we do not use

WebAuditFix does not set, and does not allow third parties to set, any of the following:

  • Analytics cookies (no Google Analytics, no Plausible, no Matomo, no anything).
  • Advertising or retargeting cookies.
  • Social-media tracking pixels.
  • Persistent identifiers across visits.

We do not embed third-party scripts on any page of this site, and no third party can read cookies from our domain.

3. Portal subscription — redirect to Stripe

The single-URL audit and the Premium Compliance PDF that accompanies it are free and do not involve any payment step. Paid plans are sold through the portal at portal.webauditfix.com (see the Pricing page) — Starter, Pro, and Founder subscriptions for managing multiple client sites. When you start a subscription, or click "Manage billing" inside the portal, your browser is redirected to Stripe's hosted pages at checkout.stripe.com or billing.stripe.com. While you are on either Stripe domain, Stripe may set its own cookies on its own domain for fraud prevention, session management, and statistical purposes; we have no ability to read or control those cookies. After checkout (or when you close the billing portal) Stripe redirects you back to WebAuditFix — your visit on our domain still uses only the strictly-necessary session cookie in Section 1.

Stripe's own cookie policy is at stripe.com/cookie-settings; Stripe is the data controller for any data they collect during checkout or in the billing portal.

4. Why there is no consent banner

The Irish ePrivacy Regulations and the EDPB's guidance require consent for storing or accessing information on a user's device unless that storage is strictly necessary to provide a service the user has explicitly requested. The single cookie we set (CSRF protection on the audit form) falls within that strictly-necessary exemption, so no banner is required.

If we ever add a non-essential cookie, we will deploy a consent mechanism and update this page before that cookie is set.

5. Managing or refusing cookies

You can block or delete cookies in your browser settings at any time. If you block our session cookie, the audit form will reject your submission (the CSRF check will fail) — you can still read the rest of the site, but you will not be able to start a scan.

We respect the DNT ("Do Not Track") browser header in the sense that we have nothing to track regardless of the header's value.

6. Changes to this policy

The "Last updated" date above reflects the most recent revision. Material changes — particularly the introduction of any new cookie — will be reflected here before the change is rolled out.

7. Contact

Questions about cookies on this site: email [email protected].

© 2026 WebAuditFix · a product of Data Vision IT Consulting Limited · CRO 748035

Contact  ·  Privacy  ·  Cookies  ·  Terms  ·  Bot  ·  Affiliates