Skip to main content

Privacy Policy

Last updated: 6 May 2026

Who we are

PromptScore is operated by Performance Peak Ltd, a company registered in England and Wales. When you use PromptScore you interact with us as a data controller under UK GDPR.

Contact: lee@performancepeak.co.uk

What data we collect

  • Scan data: The URL you submit and the results of the scan (scores, check outputs).
  • Lead data: If you request a PDF report: your name, email address, company, role, and the scan ID. We also record whether you consented to marketing communications.
  • Technical data: A one-way hashed (SHA-256 + salt) representation of your IP address, used only to detect abuse and rate-limit submissions. We cannot reverse this to your IP address.

Legal bases for processing

  • Legitimate interests, processing your URL to produce scan results, and sending you the PDF report you requested.
  • Consent, marketing emails (AI readiness tips and updates). You may withdraw consent at any time.

How we use your data

  • Generate and email your PDF report.
  • If you opted in, send occasional emails about AI search readiness from Performance Peak.
  • Improve our scoring model (aggregated, non-identifying analysis only).

We do not sell your data to third parties. We do not use your data for advertising.

Data retention

  • Scan results, retained for 30 days, then automatically deleted.
  • Lead records, retained until you request deletion, or 2 years of inactivity, whichever comes first.

Your rights

Under UK GDPR you have the right to access, correct, or erase your personal data; the right to restrict or object to processing; and the right to data portability. To exercise any right, email lee@performancepeak.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the UK ICO at ico.org.uk.

Unsubscribing

Every marketing email includes a one-click unsubscribe link. You can also email us to unsubscribe. Transactional emails (your PDF report delivery) are not affected by unsubscribing.

Analytics

PromptScore uses Vercel Analytics to understand how visitors use the site. This is cookie-less and does not collect personally identifiable information. Specifically:

  • We track page views and anonymised usage events such as scan started, scan completed, and whether the email gate was used.
  • URLs are never sent to analytics. Scan URLs are hashed (a one-way fingerprint) before being recorded as custom event properties.
  • No persistent identifiers (cookies, device fingerprints) are set.
  • All analytics data is processed by Vercel and subject to their privacy policy at vercel.com.

Cookies

PromptScore does not use tracking or advertising cookies. We may use a single session cookie for functional purposes (e.g., CSRF protection), which expires when you close your browser.

Third-party processors

  • Supabase (EU region), database
  • Vercel, hosting and privacy-preserving analytics
  • Resend, transactional email delivery
  • Anthropic, AI-graded checks (URL content only, not personal data)