i3 Accessibility Checker
Privacy Policy

Your data, your control

We built this tool to make the web more accessible, not to harvest your data. This policy explains exactly what we collect, why, and how it is protected.

Effective: April 27, 2026 Last updated: April 27, 2026

1. Overview

The i3 WCAG 2.1 AA Accessibility Checker is a browser extension and companion web dashboard developed by i3 Verticals. This Privacy Policy describes how we handle information when you use either product.

We follow a local-first data principle: scan results and report history are stored on your own device. No scan content is transmitted to our servers unless you are using a cloud-connected version of the tool.

Short version: Your web accessibility scan results stay on your device. We collect an account email and profile only to let you sign in. We do not sell data, run ads, or share information with third parties for marketing.

2. Account Data We Collect

When you create an account (Sign Up) we collect the following information to authenticate you and personalise the interface:

Field Purpose Required?
First & last name Display in the dashboard header Yes
Email address Account identifier and password reset Yes
Password (hashed) Authentication stored as a SHA-256 hash; the plain-text password is never stored Yes
Designation / job title Display in the dashboard header Yes
Avatar choice (Male / Female) Profile illustration in the dashboard header Yes

We do not collect payment information, phone numbers, or government identifiers.

3. Scan & Report Data

When you run an accessibility scan, the extension analyses the DOM of the page you are visiting in your browser. The following data is generated:

  • Page URL and title — to identify which page was scanned
  • Accessibility issue details — WCAG criterion, severity, CSS selector, HTML snippet, and remediation guidance
  • Element screenshots — a cropped screenshot of the specific element flagged (up to 10 per page), stored as a base64 data URL
  • Scan summary metrics — number of criteria checked, number failed, overall score
Stored locally only. All scan data is stored in your browser's local storage (chrome.storage.local for the extension; localStorage for the web dashboard). It does not leave your device unless you explicitly use the Export function.

Saved reports are retained until you delete them manually (via the three-dot menu in the Reports list) or uninstall the extension. A maximum of 20 saved reports are kept; older reports are automatically pruned when the limit is reached.

4. How We Use Your Data

We use the information we collect only for the following purposes:

  • Authentication — to verify your identity when you sign in
  • Personalisation — to display your name, designation, and avatar in the dashboard
  • Password reset — to send reset instructions to the email address on your account
  • Report history — to store and display your previous accessibility scans so you can track progress over time

We do not use your data for advertising, profiling, or sale to any third party. We do not use automated decision-making that would produce legal or similarly significant effects on you.

5. Storage & Retention

Data type Where stored Retention
Account profile & hashed password Browser local storage (chrome.storage.local) Until you delete your account or uninstall the extension
Session token Browser local storage 8 hours from last sign-in (auto-expires)
Saved reports & scan data Browser local storage Until you delete them manually; maximum 20 reports
Element screenshots Embedded in the saved report (base64 data URL) Same as saved report; max 10 screenshots per page

Because all data resides in your browser, clearing your browser's site data or uninstalling the extension will permanently delete all stored information. We cannot recover this data on your behalf.

6. Data Sharing

We do not sell, trade, rent, or transfer your personal data to third parties.

The only circumstances under which data may leave your device are:

  • Exports you initiate — using the Export button (Excel / CSV / JSON) downloads a file to your computer. We have no visibility into what you do with this file.
  • Future cloud sync (opt-in) — if a cloud-connected version of this tool is made available, it will be clearly disclosed, require your explicit opt-in, and this policy will be updated before launch.
  • Legal obligation — if required to do so by applicable law, court order, or governmental authority, we may disclose information we hold. We will notify you where legally permitted to do so.

7. Security Measures

We implement the following measures to protect your information:

  • Password hashing — passwords are hashed using the Web Crypto API (SHA-256) before storage. The plain-text password is never stored or transmitted.
  • Session expiry — authentication sessions expire automatically after 8 hours, limiting exposure if a device is left unattended.
  • Content Security Policy — the extension enforces a strict CSP that prevents inline scripts and restricts resource loading to trusted origins only.
  • No remote code execution — the extension does not load remote scripts. All JavaScript runs from the locally installed package.
  • Manifest V3 — the extension uses Chrome's latest manifest format, which enforces stronger permission scoping and limits background activity.

While we take reasonable technical precautions, no system is completely immune to risk. We encourage you to keep your browser and operating system up to date.

8. Your Rights

Because all personal data is stored locally in your browser, you have full control at all times:

  • Access — your profile and reports are visible directly in the dashboard.
  • Deletion — delete individual reports via the three-dot menu. To delete your account and all associated data, clear the extension's site data in your browser settings or uninstall the extension.
  • Portability — export any report to JSON, CSV, or Excel at any time.
  • Rectification — re-register with corrected information if you need to update your profile.

If you are located in the European Economic Area (EEA) or United Kingdom and believe your rights under GDPR or UK GDPR are not being met, you may contact us at the address below or lodge a complaint with your local supervisory authority.

9. Children's Privacy

The i3 Accessibility Checker is a professional developer tool intended for adults. We do not knowingly collect personal information from children under the age of 13 (or 16 in the EEA). If you believe a child has provided personal information through this tool, please contact us and we will take steps to delete the data.

10. Policy Changes

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. If changes are material, we will display a notice in the dashboard or extension popup on first launch after the update.

Your continued use of the tool after any change constitutes acceptance of the revised policy. If you do not agree with a change, you may uninstall the extension and stop using the web dashboard.

11. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

Email: [email protected]
Website: i3verticals.com
i3 Verticals, LLC Nashville, TN, USA

We will respond to all legitimate privacy-related enquiries within 30 days.