Skip to main content
Data Protection

GDPR Compliance

Last updated: January 1, 2026

Our commitment to protecting your personal data under the General Data Protection Regulation (GDPR)

Your RightsContact DPO

Our GDPR Commitment

  • Lawful, fair, and transparent data processing
  • Data collected for specified, explicit purposes
  • Data minimization - only what's necessary
  • Accurate and up-to-date information
  • Limited storage duration
  • Strong security measures
  • Accountability and compliance documentation
  • Privacy by design and default

Your Data Rights

Under GDPR, you have the following rights regarding your personal data

  • Right to Access

    Request a copy of all personal data we hold about you.

  • Right to Rectification

    Request correction of inaccurate or incomplete personal data.

  • Right to Erasure

    Request deletion of your personal data ('right to be forgotten').

  • Right to Restrict Processing

    Request limitation of how we process your data.

  • Right to Data Portability

    Receive your data in a structured, machine-readable format.

  • Right to Object

    Object to processing based on legitimate interests or marketing.

To exercise any of these rights, please contact our Data Protection Officer

Contact DPO

Data We Collect

Transparency about what data we collect and why

Account Information

  • Name
  • Email address
  • Company name
  • Job title

Purpose

Account management and service delivery

Retention

Duration of account + 30 days

Usage Data

  • Features used
  • Pages visited
  • Time spent
  • Queries made

Purpose

Service improvement and analytics

Retention

2 years

Technical Data

  • IP address
  • Browser type
  • Device information
  • Location

Purpose

Security, troubleshooting, and service optimization

Retention

90 days

Communication Data

  • Support tickets
  • Emails
  • Chat messages
  • Feedback

Purpose

Customer support and service improvement

Retention

3 years

Under GDPR, we must have a valid legal basis for processing your personal data. We rely on the following bases:

Contractual Necessity

Processing necessary to perform our contract with you, including providing our AI visibility tracking services and managing your account.

Legitimate Interests

Processing necessary for our legitimate business interests, such as improving our services, preventing fraud, and ensuring network security.

Consent

Where required, we obtain your explicit consent for certain processing activities, such as marketing communications and non-essential cookies.

Legal Obligation

Processing necessary to comply with legal obligations, such as tax requirements and responding to lawful requests from authorities.

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection
  • Binding Corporate Rules for group companies

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance. You can contact our DPO for any data protection inquiries:

[email protected]

Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local supervisory authority. You can find your local authority at the EDPB website(opens in new tab).

Data Processing Agreements

For business customers who process personal data through our services, we offer a Data Processing Agreement (DPA) that meets GDPR requirements. Contact us at [email protected] to request a DPA.