Privacy Policy

1. Information We Collect

We collect information that you provide directly, information generated while you use the Services, and information received from connected integrations.

• Account and organization data: name, email address, organization name, seat assignments, and role metadata managed via our authentication provider.
• Service configuration: connected domains, sitemap locations, prompts, scoring thresholds, workflow automation rules, and integration settings.
• Operational telemetry: application logs, audit trails, model prompts and responses, and usage analytics necessary to operate features such as URL diagnostics, AI benchmarking, and alerting.
• Third-party data sources: Search Console, Google Analytics 4, Bing, OpenRouter provider responses (e.g., ChatGPT, Claude, Gemini, Perplexity, Copilot, DeepSeek, Grok), and other services you connect. We access only the scopes you authorize.

2. How We Use Information

• Delivering URL-level diagnostics, AI answer benchmarking, dashboards, and alerts described in the Services.
• Providing customer support, product announcements, and security notifications.
• Improving Service performance, reliability, and user experience, including evaluating feature adoption.
• Preventing fraud, enforcing policies, and protecting the integrity of the Services.

3. Legal Bases for Processing

Where required, we rely on one or more legal bases: performance of a contract, legitimate business interests (such as securing and improving the Services), compliance with legal obligations, and your consent for optional integrations or marketing communications.

4. Data Retention

We retain data for as long as your organization maintains an active subscription or as needed to provide the Services. When an account is closed, we delete or anonymize personal information within a reasonable timeframe, unless retention is required for legal or compliance reasons.

5. Sharing and Disclosure

• Vendors and subprocessors: Hosting (Vercel), databases (Neon Postgres), authentication (Clerk), analytics, error monitoring, job processing, and AI inference providers engaged to run the Services. Contracts ensure data is handled securely and lawfully.
• Team members: Authorized employees and contractors who require access to perform their duties under confidentiality obligations.
• Legal requirements: We may disclose information if required to comply with applicable laws, regulations, or valid governmental requests.

6. International Data Transfers

We operate globally and may transfer information to countries where we or our subprocessors are located. When data is transferred outside the originating jurisdiction, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.

7. Security

We implement administrative, technical, and physical safeguards designed to protect information, including role-based access controls, encryption in transit, credential rotation, monitoring, and incident response procedures. No system is completely secure, and we encourage you to maintain strong organizational security practices.

8. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict the processing of personal data, and to object to certain uses. You can manage most settings directly within the Services or by contacting us. We will respond to requests in accordance with applicable laws.

9. Children’s Privacy

The Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal data, please contact us so we can take appropriate action.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or in-product notifications. Continued use of the Services after changes take effect constitutes acceptance of the revised policy.

11. Contact

For privacy inquiries or data requests, please contact: