AISEOTRACKER.COM ("we", "us", or "our") is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR).
What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and the European Economic Area (EEA).
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: When you provide explicit consent for specific purposes (e.g., signing up for our service)
- Contractual necessity: To provide our services when you create an account
- Legitimate interests: For analytics, security, and service improvement (balanced against your privacy rights)
- Legal obligation: When required by law (e.g., tax records, legal compliance)
Your Rights Under GDPR
As a data subject, you have the following rights:
1. Right of Access
You can request information about what personal data we hold about you and how it's processed.
2. Right to Rectification
You can request correction of inaccurate or incomplete personal data.
3. Right to Erasure ("Right to be Forgotten")
You can request deletion of your personal data in certain circumstances.
4. Right to Restrict Processing
You can request that we limit how we use your personal data in certain situations.
5. Right to Data Portability
You can request your personal data in a structured, machine-readable format.
6. Right to Object
You can object to processing based on legitimate interests or for direct marketing.
7. Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing.
How to Exercise Your Rights
To exercise any of these rights, please contact us at:
Email: support@aiseotracker.com
Subject: GDPR Data Subject Request
Please include:
- Your full name and email address
- Specific right you wish to exercise
- Any relevant details to help us locate your data
We will respond to your request within 30 days of receipt.
Data We Collect
Under GDPR, we collect and process:
- Identity Data: Name, email address (when you sign in with Google)
- Profile Data: Google profile picture, preferences
- Usage Data: AI queries, search history, service usage analytics
- Technical Data: IP address, browser type, device information
- Communications Data: Any correspondence with our support team
Data Retention
We retain your personal data only as long as necessary:
- Account Data: Until you delete your account
- Usage Analytics: 26 months (anonymized after 14 months)
- Support Communications: 3 years for customer service purposes
- Legal Compliance: As required by applicable law
Data Transfers
Your data may be transferred to and processed in:
- Switzerland: Our offices
- Germany: Our primary data hosting location
- United States: For certain service providers (with appropriate safeguards)
All transfers are protected by appropriate safeguards, including:
- Adequacy decisions
- Standard contractual clauses
- Binding corporate rules
Data Security
We implement appropriate technical and organizational measures:
- Encryption of data in transit and at rest
- Regular security assessments
- Access controls and authentication
- Staff training on data protection
- Incident response procedures
Third-Party Processors
We work with the following data processors:
- Google (OAuth): For authentication services
- Hetzner: For hosting our database, API, and website
- Polar: EU-based payment processor
- PostHog: For privacy-focused product analytics
All processors are bound by data processing agreements (DPAs) ensuring GDPR compliance.
AI Model Providers
We use various AI model providers to deliver our AI visibility scanning service. These providers process your queries temporarily but do not store your data:
- OpenAI (ChatGPT): For AI response analysis
- Anthropic (Claude): For AI response analysis
- Google (Gemini): For AI response analysis
- Perplexity: For AI search analysis
- OpenRouter: As an API gateway for multiple AI models
Important privacy protections:
- All privacy settings are enabled with these providers
- Your queries are processed temporarily and not stored by AI providers
- No data is retained or used for training by these services
- We configure all API calls to prevent data storage or public exposure
- Processing occurs only for the duration needed to generate responses
These providers act as data processors under our instructions and are bound by their own privacy commitments that align with GDPR requirements.
Data Breach Notification
In case of a personal data breach:
- We will notify the relevant supervisory authority within 72 hours
- We will inform affected individuals without undue delay if there's a high risk to their rights
- We maintain records of all data breaches
Children's Data
We do not knowingly collect personal data from children under 16 years of age. If we become aware that we have collected such data, we will delete it promptly.
Supervisory Authority
If you're not satisfied with how we handle your personal data, you have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State where you:
- Have your habitual residence
- Place of work
- Place where the alleged infringement occurred
For users in Switzerland, the relevant authority is: Federal Data Protection and Information Commissioner (FDPIC)
Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer:
Email: support@aiseotracker.com
Address: Stardrop GmbH, c/o SWISS COMPANY AG, Bahnhofstrasse 21, 6300 Zug, Switzerland
Updates to This Notice
We may update this GDPR compliance notice to reflect changes in our practices or legal requirements. We will notify you of any material changes via email or prominent notice on our website.
Contact Us
For any questions about this GDPR compliance notice or our data practices:
- Email: support@aiseotracker.com
This notice complements our Privacy Policy and Terms of Service. In case of conflicts, this GDPR notice takes precedence for EU/EEA residents.