Privacy Policy

1. Introduction

CiteKit ("we," "our," or "us") operates the CiteKit platform, an AI Engine Optimization (AEO) service that helps businesses track and improve their visibility across AI platforms. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our services.

By using CiteKit, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and password when you create an account
• Business Information: Company name, website URL, brand names, and product information
• Payment Information: Billing address and payment details (processed securely by our payment provider, Stripe)
• Shopify Store Data: If you connect your Shopify store, we access product catalog information, store name, and related metadata
• Communication Data: Messages you send us through our contact forms or support channels

2.2 Information We Collect Automatically

• Usage Data: Pages visited, features used, audit history, and interaction patterns
• Device Information: Browser type, operating system, and device identifiers
• Log Data: IP address, access times, and referring URLs
• Cookies: See our Cookie Policy for detailed information

2.3 Information from Third Parties

• AI Platform Data: We query AI platforms (ChatGPT, Perplexity, Gemini, Claude) to check your brand and product visibility
• Shopify: Store and product data when you authorize our app
• Analytics Providers: Usage analytics and performance data

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our AI visibility tracking services
• Generate audits and insights about your brand's AI platform presence
• Send you notifications about audit results and alerts
• Process payments and manage your subscription
• Respond to your inquiries and provide customer support
• Send marketing communications (with your consent, where required)
• Analyze usage patterns to improve our platform
• Detect, prevent, and address technical issues or security threats
• Comply with legal obligations

4. How We Share Your Information

We may share your information with:

4.1 Service Providers

• Supabase: Database and authentication services
• Stripe: Payment processing
• Vercel: Hosting and content delivery
• OpenAI, Anthropic, Google: AI platform queries for visibility checks
• Analytics providers: Usage analytics

4.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

If CiteKit is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We do not sell your personal information to third parties.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Specifically:

• Account data: Retained while your account is active, deleted within 30 days of account closure
• Audit history: Retained for 12 months to provide trend analysis
• Payment records: Retained for 7 years for tax and legal compliance
• Log data: Retained for 90 days for security and debugging purposes

6. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request your data in a machine-readable format
• Right to Object: Object to processing of your data for certain purposes
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent

To exercise these rights, contact us at privacy@citekit.com. We will respond to your request within 30 days.

7. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect about you
• Request deletion of your personal information
• Opt-out of the sale of your personal information (we do not sell personal information)
• Non-discrimination for exercising your privacy rights

8. Cookies and Tracking

We use cookies and similar tracking technologies to collect information about your browsing activity. These include:

• Essential cookies: Required for the platform to function
• Analytics cookies: Help us understand how visitors use our site
• Preference cookies: Remember your settings and preferences

You can control cookies through your browser settings. For more details, see our Cookie Policy.

9. Third-Party Services

Our service integrates with third-party platforms. When you use these integrations:

• Shopify: Subject to Shopify's Privacy Policy
• Stripe: Payment data is handled per Stripe's Privacy Policy
• AI Platforms: We query these platforms on your behalf; we do not share your personal data with them

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Employee training on data protection

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for transfers from the EEA.

12. Children's Privacy

CiteKit is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@citekit.com
• Contact Form: /contact

For GDPR-related inquiries, you may also contact your local data protection authority.