Skip to main content
DORA Auditor

Privacy Policy

Last updated:

This policy explains how DORA Auditor handles personal data. We aim to collect as little as possible and to process it lawfully under the GDPR.

What we collect

When you submit a form, for example to unlock a readiness report, request a shortlist, or contact us, we collect the details you provide (such as name, work email, company, and entity type) and basic technical metadata (such as the page you submitted from and a timestamp).

How we use it

We use your details solely to respond to your enquiry and to send the resource you requested. Submissions are delivered to our team by email using Resend, our email-delivery processor. We do not load your data into a CRM, we do not sell it, and we do not run third-party marketing automation on it.

Legal basis

We process form data on the basis of your consent, given via the checkbox at submission, and/or our legitimate interest in responding to your enquiry. You may withdraw consent at any time.

Retention and your rights

We keep enquiry data only as long as needed to handle your request. Under the GDPR you have the right to access, rectify, erase, and port your data, and to object to processing. To exercise these rights, contact us.

Cookies and analytics

We use privacy-friendly measurement and do not use advertising cookies. Any analytics are configured to minimise personal data.

Placeholder: add your data-controller identity, contact address, and any processors (e.g. Resend, hosting) before launch, and have this reviewed for your jurisdiction.