AUERUA
Why UsHow It WorksResultsPricingBlog
Book a demoSign inGet started
AUERUA
Why UsHow It WorksResultsPricingBlog
Get started

Legal

  • Terms of Service
  • Privacy Policy
    • 1. Data We Collect
    • 2. Your API Keys
    • 3. How We Use Data
    • 4. Subprocessors
    • 5. Data Retention
    • 6. Your Rights
    • 7. Contact
  • Data Processing Agreement
  • Acceptable Use Policy

STRUCTURAL DRAFT — placeholder text with [BRACKETED] markers. Requires review by qualified counsel before go-live. Nothing on this page is a live legal commitment yet.

Legal

Privacy Policy

Effective date: [EFFECTIVE DATE] · [COMPANY LEGAL ENTITY NAME] · Contact: [PRIVACY CONTACT EMAIL]

1. Data We Collect

  • Account data: your Google account email and profile name, used for sign-in and workspace membership.
  • Client business information: brand name, domain, business description, ideal customer profile, goals and tone — provided during onboarding and used to steer monitoring and generation.
  • Tracked URLs and site data: the pages you track, their fetched content, technical scan results, and citation-check results from AI engines.
  • Competitor data: the competitor names/domains you configure and per-engine mention data collected about them.
  • CMS credentials: credentials for publishing destinations you connect (WordPress, Webflow, Shopify, Ghost) — stored encrypted (AES-256-GCM), write-only after saving, and never exposed in logs, error messages, or client-side responses.

2. Your API Keys

LLM provider API keys you supply are stored encrypted (AES-256-GCM) and are write-only after saving — the dashboard shows only the last four characters and a validity status. Keys are decrypted server-side solely to perform the work you have configured (probing, analysis, generation) and are never shared with other clients, never used for our own purposes, and never included in logs or error output.

3. How We Use Data

Data is used to operate the Service for your workspace: running scheduled checks, generating and publishing content, applying and verifying fixes, computing reports, and sending the notifications you enable. We do not sell personal data. Access within the Service is scoped per workspace via row-level security.

4. Third-Party Subprocessors

The Service relies on the following categories of subprocessors:

  • Supabase — database, authentication, and storage (region: [SUPABASE REGION]).
  • Vercel — application hosting and content delivery.
  • Stripe — subscription billing (we never store card details).
  • AI providers — Anthropic, OpenAI, Google, and Perplexity APIs, invoked with your own API keys for probing and generation; prompt text and page content are transmitted to them as part of that work.
  • [TRANSACTIONAL EMAIL PROVIDER, e.g. Resend] — alert and report emails.

The current detailed list is available on request at [PRIVACY CONTACT EMAIL].

5. Data Retention

Workspace data (checks, logs, reports, articles) is retained for the life of your subscription plus [RETENTION PERIOD, e.g. 90 days] after cancellation, after which it is deleted or irreversibly anonymised. Encrypted credentials are deleted [CREDENTIAL DELETION WINDOW, e.g. within 30 days] of account closure or immediately on your request.

6. Your Rights

Subject to applicable law ([PDPA/GDPR/OTHER]), you may request access to, correction of, export of, or deletion of your personal data by contacting [PRIVACY CONTACT EMAIL]. We respond within [RESPONSE WINDOW, e.g. 30 days].

7. Contact

[COMPANY LEGAL ENTITY NAME] · [REGISTERED ADDRESS] · [PRIVACY CONTACT EMAIL]

AUERUA
Why UsHow It WorksResultsPricingBlogLegal

© 2026 Auerua · [COMPANY LEGAL ENTITY, UEN]. All rights reserved. · Legal · Contact