Legal

PRIVACY
POLICY.

Last updated: May 21, 2026

This Privacy Policy explains how KeelCadence collects, uses, stores, and protects information when you use KeelCadence websites, Salesforce diagnostic tools, audit workflows, downloadable reports, and related services.

KeelCadence provides self-serve Salesforce diagnostic tools, including Permission & FLS Audit, Field & Object Audit, and other Salesforce org health diagnostics. These tools are designed to help users review Salesforce configuration, metadata, permissions, field usage, access exposure, and related operational risk.

By using KeelCadence, you agree to the practices described in this Privacy Policy.

1

About KeelCadence

KeelCadence provides self-serve Salesforce diagnostic tools designed to help users understand Salesforce org configuration, permissions, field usage, and related org health indicators.

KeelCadence tools are diagnostic and informational. They generate on-screen findings and optional downloadable reports to help users review configuration, identify cleanup opportunities, and prioritize remediation work.

KeelCadence tools are designed to run read-only Salesforce metadata and aggregate configuration diagnostics. The current tools do not require a managed package install or Connected App setup.

2

Scope of This Privacy Policy

This Privacy Policy applies to:

  • The KeelCadence main website.
  • KeelCadence audit applications and subdomains.
  • Salesforce diagnostic workflows.
  • Downloadable audit reports.
  • Payment-related report access workflows.
  • Product support, deletion requests, and related communications.

Future KeelCadence diagnostic tools may collect similar read-only Salesforce metadata and aggregate configuration information needed to generate the selected audit report. If a future tool materially changes the type of data collected or how data is used, KeelCadence will update this Privacy Policy.

3

Information KeelCadence May Collect

KeelCadence may collect information needed to operate the website, run audits, generate reports, process payments, provide support, and maintain the service.

Depending on the website, app, audit type, and workflow used, this may include:

  • Information you submit by email, such as support questions, deletion requests, Report IDs, and related message content.
  • Salesforce org information needed to run an audit, such as Org ID, org name, Salesforce instance URL, selected objects, selected audit options, and audit configuration settings.
  • Salesforce metadata and aggregate configuration information, such as object names, field names, field labels, data types, page layout names, profile names, permission set names, field-level security settings, object permission settings, record counts, populated counts, fill-rate percentages, access counts, and related diagnostic summaries.
  • Audit outputs, diagnostic summaries, report metadata, downloadable workbook files, report paths, timestamps, error states, paid/unpaid status, and related audit history.
  • Payment-related status information, such as Stripe Checkout session ID, payment status, amount paid, and product purchased.
  • Basic technical information from website and application use, such as browser, device, IP address, request metadata, server logs, page usage, consent status, and session information.
  • Website and product usage analytics collected through Google Analytics 4 after analytics consent is granted.

KeelCadence diagnostic audits are designed to avoid querying or storing individual Salesforce business record values. The reports focus on metadata, permissions, configuration, and aggregate counts.

4

What KeelCadence Does Not Collect or Use

KeelCadence diagnostic tools are designed to be data-minimal.

Unless otherwise stated, KeelCadence does not:

  • Require a managed package install.
  • Require Connected App setup for the current Session-ID audit flow.
  • Store OAuth refresh tokens for the current Session-ID audit flow.
  • Retain Salesforce Session IDs in the application database, logs, reports, or XLSX files.
  • Query or store individual Salesforce business record values as part of the current diagnostic audits.
  • Store full credit card numbers, CVV codes, or full payment card details.
  • Sell personal information.
  • Use audit report data for advertising.
  • Use advertising pixels or retargeting pixels.
  • Use fingerprinting.
  • Use session replay.
  • Use email marketing automation.
5

Salesforce Access and Session ID Handling

KeelCadence tools use session-based Salesforce access during the audit workflow.

Depending on the tool, the Salesforce Session ID may exist temporarily in an application session cookie and process memory while the audit is running. The Session ID is used to complete read-only Salesforce diagnostic requests.

KeelCadence does not store Salesforce Session IDs in its application database, logs, downloadable reports, or XLSX files. Session IDs are used only during the active audit workflow and are discarded after the audit completes or fails.

KeelCadence does not use OAuth refresh tokens for the current Session-ID audit flow and does not maintain long-lived Salesforce access.

The specific Salesforce data available to KeelCadence during an audit may depend on your Salesforce permissions, org configuration, browser session, Salesforce API behavior, and the audit type selected.

6

Salesforce Data Used in Reports

Depending on the audit selected, KeelCadence may collect and store Salesforce metadata and aggregate configuration information needed to generate the report.

Examples may include:

  • Salesforce Org ID and instance URL.
  • Object API names and labels.
  • Field API names and labels.
  • Data types.
  • Field population counts and percentages.
  • Page layout names.
  • Profile names.
  • Permission set names.
  • Object permission settings.
  • Field-level security settings.
  • Counts of profiles or permission sets granting read or edit access.
  • Diagnostic summaries, risk indicators, and recommendation outputs.

KeelCadence does not intentionally collect individual Salesforce business record values in the current diagnostic audits. Field usage analysis is based on aggregate counts, such as how many records have a field populated, rather than exporting record-level values.

7

Audit Reports and Retention

KeelCadence may generate downloadable XLSX reports and related audit metadata.

Reports may include Salesforce metadata and configuration details from the selected audit, such as object names, field names, profile names, permission set names, access settings, layout references, aggregate usage counts, and diagnostic recommendations.

Audit reports and related metadata are retained for up to 90 days from the audit date, then deleted by automated purge jobs. Deletion removes report files and related database records.

You may request earlier deletion by emailing support@keelcadence.com. Include your Report ID and enough information for KeelCadence to locate the relevant report.

Some KeelCadence tools may also offer a self-serve deletion action when you are connected to the app. Where available, that action deletes associated audit runs, related database records, report files, and session information for the connected user.

8

Payments and Stripe

KeelCadence uses Stripe Checkout to process paid report purchases.

Stripe handles card entry and payment processing. KeelCadence does not store card numbers, CVV codes, or full payment card details.

KeelCadence stores limited payment status information, such as Stripe Checkout session ID and paid/unpaid status, to confirm report access and support payment-related troubleshooting.

Stripe may process customer email, payment details, IP address, billing information, transaction records, and related payment information under Stripe's own terms and privacy policy.

9

Cookies and Similar Technologies

KeelCadence uses cookies and similar technologies for application functionality, audit workflow operation, analytics consent, and website/product usage analytics.

KeelCadence audit applications may use an application session cookie to operate the audit workflow. Depending on the app, the session cookie may contain session-related values such as Salesforce Session ID, Salesforce instance URL, Org ID, Salesforce user ID, username, display name, terms consent timestamp, admin/session state, and related session information.

Application session cookies are used for audit functionality and are cleared when the user disconnects, deletes the session where available, or the session expires.

KeelCadence also uses local storage or similar browser storage to remember analytics consent preferences.

10

Google Analytics 4

KeelCadence uses Google Analytics 4 for website and product usage analytics. GA4 is consent-gated and is used to understand traffic, page usage, and high-level audit funnel activity.

GA4 may collect information such as page views, referral sources, device and browser information, approximate location, interaction data, and usage patterns after analytics consent is granted.

KeelCadence configures GA4 to use sanitized page views and limited event parameters. KeelCadence does not send Salesforce Session IDs, Org IDs, usernames, display names, Report IDs, audit run IDs, Stripe session IDs, object names, field names, profile names, permission set names, downloaded workbook contents, or raw audit error messages to GA4.

KeelCadence does not use GA4 to analyze Salesforce audit report contents, downloaded workbooks, Salesforce metadata findings, or paid report data.

GA4 may set analytics cookies such as _ga and _ga_* after analytics consent is granted. Users may decline analytics cookies through the KeelCadence consent banner where provided or manage cookies through browser settings.

11

Third-Party Services

KeelCadence may use third-party services to operate the website, host applications, process payments, deliver web assets, analyze usage, and support product operations.

Current or expected third-party services may include:

  • Stripe for payment processing.
  • Replit for application hosting.
  • Google Analytics 4 for consent-based website and product usage analytics.
  • Google Fonts for font delivery.
  • unpkg.com and Cloudflare-backed CDN services for JavaScript library delivery.
  • Salesforce for read-only diagnostic requests initiated by authorized users against their own Salesforce orgs.
  • Domain, DNS, or website infrastructure providers used to operate KeelCadence domains.

These providers may process information according to their own terms and privacy policies.

KeelCadence does not share audit data with advertisers, data brokers, retargeting platforms, or email marketing automation providers.

12

How KeelCadence Uses Information

KeelCadence may use information to:

  • Operate the website and audit applications.
  • Run Salesforce diagnostic audits.
  • Generate on-screen findings and downloadable reports.
  • Provide paid report access.
  • Process payment status through Stripe.
  • Provide product support.
  • Respond to questions, deletion requests, and report-related inquiries.
  • Maintain report access for a limited period.
  • Improve audit logic, report quality, site performance, and user experience.
  • Understand high-level product usage and audit funnel activity.
  • Detect misuse, abuse, technical issues, or unauthorized activity.
  • Maintain security, troubleshooting, accounting, tax, legal, and operational records.
  • Comply with applicable legal or business obligations.
13

Data Sharing

KeelCadence does not sell personal information.

KeelCadence may share information when needed to:

  • Operate the website and tools.
  • Process payments.
  • Host reports or diagnostic outputs.
  • Provide support.
  • Investigate misuse, fraud, abuse, or security issues.
  • Comply with legal, tax, accounting, security, or operational obligations.
  • Protect KeelCadence, users, customers, or third parties.

KeelCadence may also share information with service providers that process information on KeelCadence's behalf.

14

Data Security

KeelCadence uses reasonable technical and organizational measures to protect information from unauthorized access, misuse, loss, or disclosure.

KeelCadence audit apps are designed to avoid storing Salesforce Session IDs in databases, logs, reports, or XLSX files. Application session cookies are intended to support active audit functionality, and audit reports are retained for a limited period.

No internet-based service can guarantee absolute security. You are responsible for using KeelCadence only from secure devices, secure browsers, and Salesforce accounts you are authorized to access.

15

User Responsibilities

You are responsible for ensuring that your use of KeelCadence complies with your organization's policies, Salesforce access rules, data governance requirements, and applicable law.

You should only run audits against Salesforce orgs that you are authorized to access, review, or administer.

You are responsible for reviewing audit findings before making Salesforce configuration, access, security, or business process changes.

16

Deletion Requests

You may request deletion of a specific audit report or related diagnostic output by contacting support@keelcadence.com. Include your Report ID and enough information for KeelCadence to locate the relevant report.

Some KeelCadence tools may also provide a self-serve deletion action. Where available, that action may delete audit runs, related report files, associated database records, and session information for the connected user.

Some information may be retained where required for payment records, legal obligations, tax records, accounting, security, fraud prevention, dispute resolution, or legitimate operational needs.

17

Your Choices

You may contact KeelCadence to:

  • Ask privacy-related questions.
  • Request deletion of a report.
  • Ask how report data is handled.
  • Request support with a specific Report ID.
  • Ask about payment-related report access.
  • Ask to stop receiving non-essential communications, if any.

Contact: support@keelcadence.com

You may also manage analytics cookies through the KeelCadence consent banner where provided or through your browser settings.

18

Children's Privacy

KeelCadence is intended for business and professional use. It is not directed to children and should not be used by anyone under 18.

19

International Users

KeelCadence is operated from the United States. If you access KeelCadence from outside the United States, your information may be transferred to and processed in the United States or other locations where KeelCadence or its service providers operate.

20

Changes to This Privacy Policy

KeelCadence may update this Privacy Policy from time to time. Updates will be posted on this page with a revised "Last updated" date.

Continued use of KeelCadence after changes are posted means you accept the updated Privacy Policy.

21

Contact

Questions about this Privacy Policy, report deletion, or data handling may be sent to:

support@keelcadence.com

KeelCadence uses session cookies and Google Analytics 4 for site usage insights. GA4 does not receive Salesforce credentials, Org IDs, Report IDs, or payment data. You can opt out for this browser.