DJ
DataJelly
Data Security & Trust

How DataJelly collects, uses, and deletes your data

Guard monitors your production pages by scanning public content. Here's exactly what we collect, what we do with it, where it lives, and how it gets removed.

Last updated: June 2026

Our security principles

Public data only

Guard only scans the public web pages you explicitly add. We collect what any visitor or search engine would already see — no private dashboards, logins, or backend systems.

Encrypted infrastructure

All collected data is stored on encrypted, access-controlled infrastructure using industry-standard practices, in transit and at rest.

Enterprise-grade auth

User access is protected by Auth0, an enterprise identity provider. Your scan data is only ever accessible to your authorized DataJelly account.

Automatic deletion

Data is removed automatically on a retention schedule, or within hours of you deleting a Guard configuration or closing your account.

What we collect

Guard goes out and scans the public web pages you give us. For each scan it captures the same content a browser, visitor, or search crawler would receive — nothing private and nothing behind a login.

Rendered HTML

The HTML of the public page as it loads, so Guard can detect blank pages, missing content, and render integrity failures.

JavaScript

The scripts the page executes, so Guard can spot JS crashes, broken bundles, and script shells that return 200 but render nothing.

Screenshots

A visual snapshot of the rendered page, used to verify what real users and crawlers actually see.

Scan metadata

Technical details like HTTP status, response timing, page size, titles, and headings used to run our automated test suite.

What we do with it

Once a scan finishes, the collected data flows through our processing pipeline. Everything runs in a managed queue of background jobs scoped to your account.

Run the test suite

We run our full suite of automated production tests against the captured data to detect silent failures, render issues, and regressions.

Generate alerts

When a test finds a problem, Guard generates alerts and surfaces issues so you can fix them before they cost you traffic or revenue.

AI Report Cards

We use AI to generate daily and weekly Report Cards from the collected data — using only public page content.

No permanent data goes to AI models

Report Cards are generated from data that is already public on the pages you asked us to scan. No permanent data is stored by the AI models, and your data is never used to train them.

Where your data lives

All collected data is stored within DataJelly's own encrypted infrastructure and is always scoped to the customer who added the pages to our service.

Encrypted infrastructure

Data is stored using industry-standard encryption and access controls, both in transit and at rest.

Auth0 identity

We use Auth0 as our enterprise-grade authentication provider, so only your authorized account can reach your data.

Scoped to your account

Every piece of scan data is tied to the DataJelly customer who created it and is never shared across accounts.

How your data is deleted

We don't keep data longer than needed. There are three ways your collected data is automatically removed.

01

Plan-based retention

Every subscription tier has a defined data retention window. Our system automatically purges scan data once it ages past that window — no action required from you.

02

You delete a Guard config

If you remove a Guard configuration or the list of pages it monitors, all data we collected for those pages is automatically deleted within a few hours.

03

You close your account

If you delete or close your DataJelly account, all of your collected scan data is automatically removed within a few hours.

What we retain after an account closes

The only data we keep after an account is closed is billing records and basic communication records, which we retain to meet legal, tax, and accounting obligations. All collected scan data — HTML, JavaScript, screenshots, and metadata — is permanently removed.

GDPR & CCPA rights

We process data in line with the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA). Because Guard only handles publicly available page content scoped to your account, you keep full control. You have the:

  • Right to access the personal data we hold about you
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time

To exercise any of these rights, email privacy@datajelly.com. We respond within the timeframes required by applicable law.

Frequently asked questions

Does Guard collect any private or behind-login data?
No. Guard only scans the public web pages you provide. It captures what any anonymous visitor or search engine bot would see. It does not log into your systems, access private dashboards, or collect data that isn’t publicly served by the page.
Is my data used to train AI models?
No. We use AI to generate daily and weekly Report Cards from your collected scan data, but no permanent data is sent to or retained by the AI models, and the only content involved is already public from the pages you asked us to scan. Your data is never used for model training.
How long do you keep my scan data?
Scan data is retained according to your subscription tier’s retention policy, after which it is automatically and permanently deleted. You can also trigger deletion sooner by removing a Guard configuration or closing your account.
What happens to my data if I cancel or close my account?
All collected scan data is automatically removed within a few hours of you closing your DataJelly account. The only information we retain afterward is billing records and basic communication records, which we keep to meet legal, tax, and accounting obligations.
Where is my data stored and who can access it?
Data is stored on encrypted infrastructure and is scoped to the DataJelly customer who added the pages. Access is protected by Auth0 and limited to your authorized account. We never sell your data or share it with third parties except as required to deliver the service or by law.
Are you GDPR and CCPA compliant?
Yes. We process data in line with the GDPR and CCPA/CPRA. Because Guard only handles publicly available page content scoped to your account, and supports automatic deletion and data subject requests, you retain full control over your data. Contact privacy@datajelly.com to exercise any of your rights.
Do you use sub-processors?
Yes. We rely on a small set of trusted infrastructure and service providers (for example hosting, identity via Auth0, and AI for Report Card generation). These vendors are bound by contractual data protection obligations and only process data needed to deliver the service.
How do I request deletion or a copy of my data?
You can delete most data yourself by removing Guard configurations or closing your account. For a formal data access or deletion request, email privacy@datajelly.com and we’ll respond within the timeframes required by applicable law.

Questions about your data?

Our team is happy to walk you through how Guard handles security, retention, and compliance for your organization.

Email privacy@datajelly.comRead our Privacy Policy