PDPALens

Privacy Policy

Last updated: March 2026

1. Data Controller

PDPALens is an independent, solo-developed service. We do not collect personal data from users and do not process any personal data through this service.

2. Data We Collect

This service is read-only. We only scan the website you provide and check for required PDPA elements. We do not store any data from scans.

  • We do not store scanned URLs
  • We do not store scan results
  • We do not use cookies for scanning
  • We do not track individual users
  • Uses anonymized Vercel Analytics (no consent banner required)

3. Use of Data

Since we do not collect any data, we do not use your personal data. All scans are performed temporarily in memory and are not saved.

3.1 Headless Browser Rendering

To scan websites that use JavaScript, we use Browserless.io (a third-party headless browser service). When you submit a URL for scanning, Browserless.io renders the page to extract content. Browserless does not store the rendered content - it is processed in memory and discarded. No personal data is sent to Browserless - only the website URL you submit for analysis.

4. Data Disclosure

We do not disclose any data to third parties, as we do not collect any data.

5. Security

This service is hosted on Vercel with appropriate security measures. We use HTTPS for all communications.

5.1 Analytics

We use Umami Analytics, a privacy-friendly alternative to Google Analytics. We self-host Umami on our own server at umami.nerometa.dev.

  • Cookie-free
  • Anonymized data only
  • No cross-site tracking
  • No selling or sharing data with third parties
  • Data stored on our own server, not third-party cloud
  • Collects anonymized event data, such as scan button clicks with the scanned domain (no full URLs)

We also use Vercel Speed Insights to measure website performance. Speed Insights collects anonymized data only and does not collect personal data.

5.2 SEO Tools

To help our website be more discoverable in search engines, we use the following SEO tools:

  • Google Search Console: Helps us track website ranking and fix search issues. We add a verification meta tag to pages, which is an industry standard for website ownership verification. Does not collect personal data from our website visitors - it only collects data useful for website owners (e.g., search queries, clicks, rankings).

6. Data Subject Rights

Under the Personal Data Protection Act B.E. 2562 (PDPA), you have the following rights:

  • Right to be Informed
  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restriction
  • Right to Object
  • Right to Data Portability

Since we do not collect any personal data, there is no data to access or correct.

7. Contact

If you have questions about this privacy policy, please contact us at

nerometa@protonmail.com

8. Changes to Policy

We may update this policy periodically. Changes will take effect when posted on this page.

9. Cross-Border Data Transfer

Our web hosting (Vercel), analytics (self-hosted Umami), and headless browser (Browserless.io) may involve servers located outside Thailand. However, we do not transfer personal data to these services — only non-personal technical data required for service operation such as the website URL you submit for scanning.

Back to homepage