Privacy Policy

1. Introduction

Reaudit, Inc. ("Reaudit," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI search visibility platform and related services (collectively, the "Services").

Company Information:
Reaudit, Inc.
4 Adelfon Giannidi, Moschato, Attica, Greece
Email: hello@reaudit.io
Phone: +30 697 330 5186

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, company name, phone number
• Profile Information: Job title, industry, company size, preferences
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Content Data: Website URLs, content you submit for analysis, prompts, queries, and optimization requests
• Communications: Messages, feedback, support requests, and survey responses

2.2 Information Collected Automatically

• Usage Data: Pages viewed, features used, time spent, click patterns, search queries
• Device Information: IP address, browser type and version, operating system, device identifiers, device fingerprints
• Location Data: Geographic location based on IP address (country, city, region, timezone)
• Cookies and Tracking: Session data, preferences, analytics data (see Cookie Policy)
• Performance Data: Error logs, crash reports, system performance metrics
• Activity Logs: Complete logs of all account actions including login times, feature usage, content generations, and API calls with timestamps

2.3 Fraud Prevention Data

To protect against fraud and ensure the security of our Services, we collect:

• IP Addresses: Recorded at registration, each login, and during payment transactions
• Device Fingerprints: Browser characteristics, screen resolution, timezone, language settings
• Payment Verification: Billing address verification, payment method details (processed by Stripe)
• Behavioral Patterns: Usage patterns that may indicate fraudulent activity
• Terms Acceptance Records: Timestamp, IP address, and device information when you accept our Terms of Service

2.4 Information from Third Parties

• AI Search Visibility Data: Publicly available rankings, citations, and mentions from AI-powered search engines, collected through our proprietary monitoring technology
• Website Analytics: Data from your connected websites and platforms
• Integration Data: Information from WordPress, Webflow, Wix, and other connected services
• Authentication Services: Profile information from OAuth providers (Google, GitHub, etc.)

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: Provide, maintain, and improve our AI visibility tracking and optimization services
• AI Visibility Analysis: Monitor your brand presence across AI-powered search engines using publicly available search results
• Content Optimization: Analyze and optimize your content for AI discoverability
• Analytics & Reporting: Generate reports, dashboards, and performance metrics
• Account Management: Create and manage your account, authenticate users, process payments
• Communication: Send service updates, notifications, marketing communications (with consent)
• Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance
• Security: Detect fraud, prevent abuse, ensure platform security
• Legal Compliance: Comply with legal obligations, enforce terms, protect rights
• Research & Development: Improve algorithms, develop new features, conduct analytics

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

• Contract Performance: Processing necessary to provide our Services
• Legitimate Interests: Improving services, security, analytics (balanced against your rights)
• Consent: Marketing communications, optional features, cookies
• Legal Obligations: Compliance with applicable laws and regulations

5. Information Sharing and Disclosure

We may share your information with:

5.1 Service Providers

• Payment processors (Stripe)
• Analytics services (Google Analytics)

5.2 AI Visibility Monitoring

Our AI visibility monitoring service analyzes publicly available AI search results to track how brands appear across AI-powered search engines. This monitoring is performed using our proprietary technology and does not involve any direct API integration with, or data transfer to, third-party AI providers.

Important: We do NOT share your personal information, account data, Google Analytics data, Google Search Console data, or any identifiable user data with any third-party AI providers. No user data is transferred to AI companies, and no data is provided for training AI models.

5.3 Business Transfers

In connection with mergers, acquisitions, or sale of assets, your information may be transferred to the acquiring entity.

5.4 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights, safety, or property.

5.5 With Your Consent

We may share information with third parties when you explicitly consent.

6. Data Retention

We retain your information for as long as necessary to provide our Services and comply with legal obligations:

• Account Data: Retained while your account is active and for 90 days after deletion
• Usage Data: Retained for up to 2 years for analytics and service improvement
• Financial Records: Retained for 7 years as required by law
• Marketing Data: Retained until you unsubscribe or request deletion
• Legal Records: Retained as required by applicable laws
• Fraud Prevention Data: Activity logs, IP addresses, and device information retained for 7 years
• Terms Consent Records: Retained indefinitely as proof of agreement

7. Fraud Prevention & Evidence Retention

7.1 Why We Collect This Data

We collect fraud prevention data to:

• Protect against fraudulent transactions and unauthorized account access
• Verify the identity of users making purchases
• Detect and prevent abuse of our Services
• Comply with payment processor requirements
• Provide evidence in case of payment disputes or chargebacks

7.2 Use in Payment Disputes

In the event of a payment dispute or chargeback, we may use the following data as evidence:

• Records of your acceptance of our Terms of Service (timestamp, IP address, device)
• Login history and activity logs demonstrating service delivery and usage
• IP addresses and device information from registration and subsequent logins
• Feature usage data showing you accessed and used the Services
• Email confirmations and communications

7.3 Retention Period

Fraud prevention data and activity logs are retained for a minimum of 7 years to comply with legal requirements and to protect against disputes that may arise after account closure.

8. Your Rights and Choices

8.1 Access and Portability

You can access and export your data through your account dashboard or by contacting us at hello@reaudit.io.

8.2 Correction and Deletion

You can update your information in your account settings or request deletion by contacting us.

8.3 Marketing Communications

You can opt out of marketing emails by clicking "unsubscribe" or updating your preferences.

8.4 Cookies

You can control cookies through your browser settings. See our Cookie Policy for details.

8.5 GDPR Rights (EEA Users)

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with supervisory authority

8.6 CCPA Rights (California Users)

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising rights

9. Data Security

We implement security measures to protect your information:

• Encryption: TLS 1.3 encryption for data in transit, AES-256 encryption for data at rest via MongoDB Atlas
• Access Controls: Role-based access control, secure session management, principle of least privilege
• Infrastructure Security: Cloudflare DDoS protection and WAF, Docker containerized deployment
• Dependency Scanning: Automated vulnerability scanning of third-party packages
• Confidentiality: All team members sign confidentiality agreements
• Incident Response: Documented incident response plan with breach notification procedures

For full details, see our Security page and Trust Center.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by relevant data protection authorities
• EU-U.S. Data Privacy Framework (where applicable)
• Your explicit consent for specific transfers

11. Children's Privacy

Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date
• Sending email notification for significant changes
• Requiring acceptance for material changes affecting your rights

14. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us:

15. Google API Data & Limited Use Policy

Reaudit's use of information received from Google APIs, including Google Search Console and Google Analytics APIs, adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• Google user data is used only to provide and improve the features visible to you within Reaudit.
• Google user data is never transferred to, shared with, or used by any third-party AI providers (including OpenAI, Anthropic, or any other AI company).
• Google user data is never used to develop, train, or improve generalized AI or machine learning models.
• Google user data is never sold, rented, or used for advertising or other commercial purposes beyond delivering the Reaudit service.
• We do not allow humans to read your Google user data unless you give explicit permission, it is necessary for security, or we are required by law.

16. Specific Tracking Disclosures

We track and analyze the following data comprehensively:

• All user interactions with our platform (clicks, views, searches)
• AI search engine rankings and citations for your brand
• Website performance and optimization metrics
• Content engagement and effectiveness data
• Competitor analysis and market intelligence
• User behavior patterns and preferences
• System performance and error logs
• API usage and integration data

This comprehensive tracking enables us to provide accurate AI visibility insights, optimize your content, and continuously improve our services.