Privacy Policy

FrictionPilot is an AI customer journey testing tool. Users enter public website URLs that they own, manage, or are authorized to evaluate. FrictionPilot captures public page evidence and generates reports about conversion friction, trust gaps, CTA clarity, pricing clarity, ad-readiness, and AI-agent readiness.

The service is intended for legitimate website testing, conversion review, landing page validation, agency reporting, and scheduled retesting workflows.

When you create an account, we may collect your name, email address, password hash, billing status, report credits, and related account settings.

When you run a test, we store the URL, domain, business type, journey goal, selected persona, captured page evidence, screenshots, reports, findings, share links, scheduled retest settings, and related activity logs.

When you configure agency branding, we may store company name, website, contact email, logo URL, report title, and footer note.

FrictionPilot only analyzes public pages reachable from the provided URL. Users must only test websites they own, manage, or are authorized to evaluate.

Captured evidence may include screenshots, visible text, headings, CTAs, forms, links, and other public page signals needed to generate the report.

Do not submit private dashboards, authenticated pages, confidential customer portals, or websites you are not authorized to test.

Reports may include public share links. Anyone with an enabled share link may be able to view that report.

Users can disable public sharing or regenerate a share token from the Share Center. Regenerating a token invalidates the old public link.

Shared reports may include screenshots and findings from the tested public website. Review reports before sending them to clients or third parties.

FrictionPilot tracks basic public report access events, such as shared report opens and PDF report opens. This helps agencies know whether a client opened a report.

For privacy, report-view tracking is intentionally lightweight. It may store event time, channel, referrer, user agent, and a hashed IP value. Raw IP addresses should not be displayed in the product.

The product does not use invasive session replay, cross-site advertising tracking, or hidden client surveillance as part of the MVP report-view workflow.

FrictionPilot may use Stripe or another payment provider to process report-credit purchases. Payment details are handled by the payment provider and are not stored directly by FrictionPilot.

We may store billing records such as package name, credits purchased, payment status, Stripe session reference, and related credit ledger events.

FrictionPilot may use AI providers to generate reports from captured website evidence. Do not submit sensitive, private, regulated, or confidential information unless you are authorized and understand the risks.

AI-generated findings should be reviewed by a human before making business, legal, financial, or compliance decisions.

During the MVP and beta period, scan data, screenshots, reports, billing records, notifications, and logs may be retained to support product functionality, troubleshooting, and account history.

Users may request deletion of account or report data when deletion workflows are available or by contacting support.

FrictionPilot uses reasonable technical safeguards for account authentication, database storage, payment flow separation, and access-controlled dashboard pages.

No internet-connected service can guarantee perfect security. Users should avoid submitting secrets, credentials, private customer data, or confidential pages.

For privacy questions, contact the FrictionPilot team through the support channel listed on the product website or account dashboard.