Last updated: 10.08.2025
1. Who We Are
This Privacy Policy explains how AEO Guru (“we”, “us”, “our”) processes personal data when you visit our website, create an account, or use our SaaS platform.
Contact: privacy@aeoguru.pro
2. Scope
This policy applies to:
- Visitors to our website
- Registered users of the AEO Guru SaaS platform
- Prospective customers contacted for B2B sales It does not apply to third-party websites or services we link to.
3. Data We Collect
3.1 Information You Provide
- Account data: name, email address, password (hashed), company name
- Billing data: subscription plan, payment method (processed by Stripe — we never store full credit card numbers)
- Project data: brand name, competitor names, queries, keywords
- Support interactions: email correspondence, support tickets
3.2 Information We Collect Automatically
- Log data: IP address, browser type, operating system, access times
- Usage data: features accessed, queries submitted, performance metrics
- Cookies and similar technologies: for authentication, analytics, and personalization
3.3 Information from Third Parties
- Stripe (payment processing)
- LLM providers (OpenAI, Anthropic, Perplexity — for query results)
- Search volume APIs (Keywords Everywhere, etc.)
4. Purposes & Legal Bases for Processing
| Purpose | Legal Basis | Examples |
|---|---|---|
| Provide the service | Contract | User authentication, query storage, dashboard display |
| Process payments | Contract | Subscription billing via Stripe |
| Improve and secure platform | Legitimate interests | Bug fixing, usage analytics |
| Send transactional emails | Contract/legal obligation | Subscription confirmation, alerts |
| Marketing communications | Consent | Newsletters, product updates |
| Compliance with law | Legal obligation | Tax reporting, fraud prevention |
5. How We Use LLM Providers
When you add queries and brands to your account, we send them to third-party LLM APIs to retrieve answers.
- We configure providers to opt-out of training on submitted data where possible.
- LLM responses are stored in Supabase for your account analysis.
6. Cookies & Tracking Technologies
We use:
- Strictly necessary cookies (authentication, session persistence)
- Functional cookies (user preferences)
- Analytics cookies (platform usage metrics)
- Marketing cookies (optional, disabled unless consented)
You can manage cookies via our consent banner or in your browser settings.
7. Sharing Your Data
We share data only with trusted service providers:
- Supabase (EU-hosted database & authentication)
- Stripe (payment processing)
- Resend (email delivery)
- LLM APIs (query result generation)
- Legal authorities (where required by law)
We ensure appropriate data protection measures are in place, including EU Standard Contractual Clauses for transfers outside the EEA.
8. International Data Transfers
Some providers may process data outside the EU/EEA. We use safeguards such as:
- Standard Contractual Clauses
- Provider certification under relevant frameworks
9. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | While account is active + 12 months after deletion |
| Billing records | 10 years (legal requirement) |
| LLM query data | 12 months (configurable on request) |
| Logs | 12 months |
| Marketing data | Until consent is withdrawn |
10. Your Rights (GDPR)
You have the right to:
- Access your personal data
- Rectify inaccuracies
- Request erasure (“right to be forgotten”)
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with the CNPD
Requests can be sent to privacy@aeoguru.pro
11. Security Measures
We implement:
- Encryption in transit (TLS 1.2+) and at rest
- Role-based access control
- Row-Level Security (RLS) in Supabase
- Regular backups
- Logging and monitoring for suspicious activity
12. Children’s Privacy
Our services are not directed to anyone under 18. We do not knowingly collect personal data from children.
13. Your Role vs Our Role
- You are the data controller for content you add to your workspace.
- We act as your processor for that content.
- For account and billing data, we are the data controller.
14. Changes to This Policy
We may update this policy periodically. The updated version will be posted on our website with a revised date.
15. Contact Information
For questions or concerns about this policy:
Email: privacy@aeoguru.pro