Privacy Policy

GEO Visibility (“we,” “us,” or “our”) is committed to protecting the privacy of your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our Platform, website, and related services (collectively, the “Service”). By using the Service, you acknowledge the practices described in this policy.

We collect information that you voluntarily provide to us when you register for an account, purchase a plan, request a report, or communicate with us. This includes:

• Email address — used for account creation, report delivery, and service communications.
• Brand information — your brand name, company name, and related business details necessary for generating visibility reports and analyses.
• Website URL(s) — the website address(es) you provide for purposes of visibility analysis and report generation.
• Payment information — processed by our third-party payment partners (Alipay and WorldFirst). We do not store full credit card numbers or complete payment credentials on our servers.
• Communication data — information you provide when contacting us through email, contact forms, or support channels.

We may also automatically collect certain technical information when you visit our website, including IP address, browser type, device information, operating system, referring URLs, and usage data (pages visited, time spent, features used). This information helps us improve the Service and understand usage patterns.

We use the information we collect for the following purposes:

• Report Generation — to generate AI visibility reports, citation analyses, and competitive intelligence based on the brand and website information you provide.
• Communication — to send you reports, invoices, account notifications, service updates, and respond to your inquiries.
• Service Provision — to create and maintain your account, process payments, deliver purchased services, and provide customer support.
• Service Improvement — to analyze usage patterns, diagnose technical issues, and improve the functionality and user experience of the Platform.
• Compliance — to comply with legal obligations, enforce our Terms of Service, and protect our rights and the rights of other users.

We use Supabaseas our primary database provider for storing account information, user profiles, report data, and service records. Supabase is a cloud-based database platform that provides PostgreSQL database hosting with enterprise-grade security measures, including encryption at rest and in transit, access controls, and regular security audits. Your data is stored on Supabase's secure infrastructure and is accessible only to authorized personnel and systems for the purposes described in this policy. We have implemented appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

We retain your personal data for as long as your account is active or as needed to provide you with the Service. After account termination or deletion, we may retain certain information for a reasonable period to comply with legal obligations, resolve disputes, enforce our agreements, and fulfill regulatory requirements. Specifically:

• Account and profile data: retained for the duration of your account plus 90 days.
• Report data: retained for the duration of your account plus 12 months.
• Payment records: retained for the period required by applicable tax and financial regulations (typically 5–7 years).
• Communication records: retained for up to 3 years from the date of the last communication.

When data is no longer needed for these purposes, it is securely deleted or anonymized.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to Access — request a copy of the personal data we hold about you.
• Right to Rectification — request correction of inaccurate or incomplete data.
• Right to Erasure — request deletion of your personal data, subject to legal retention requirements.
• Right to Restrict Processing — request that we limit how we use your data.
• Right to Data Portability — request a copy of your data in a commonly used, machine-readable format.
• Right to Object — object to our processing of your data for certain purposes, including direct marketing.

To exercise any of these rights, please contact us at support@geovisibility.com. We will respond to your request within the timeframes required by applicable law. We may need to verify your identity before processing your request.

We use certain third-party service providers to operate and improve the Service. These providers have access to your information only to the extent necessary to perform their functions and are contractually obligated to protect your data. Key third-party services include:

• Supabase — database and authentication infrastructure. Your account and report data are stored on Supabase servers. Supabase complies with SOC 2, GDPR, and other data protection standards.
• Resend — email delivery service. We use Resend to send reports, invoices, and service communications to your email address. Resend processes your email address and communication content solely for email delivery purposes.
• Serper — search and data enrichment service. Serper may process search queries and brand-related data as part of report generation. No personal identification data is shared with Serper beyond what is necessary for the search functionality.
• DeepSeek— AI platform integration. We use DeepSeek's API as part of our automated analysis pipeline. Brand information and report parameters may be transmitted to DeepSeek for processing. DeepSeek does not use your data for model training absent an independent legal basis.
• OpenAI, Google, Anthropic, Perplexity — AI platforms that we query in the course of generating visibility reports. Only publicly available brand information or anonymized queries are transmitted; no personal identification data is shared.
• Alipay and WorldFirst — payment processors. Payment information is submitted directly to these processors and is not stored by us.

Each third-party service operates under its own privacy policy and terms of service. We encourage you to review the privacy policies of these providers for more information about their data handling practices.

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and improve the Service. Cookies are small text files stored on your device by your web browser. The types of cookies we use include:

• Essential Cookies — required for the basic operation of the Platform, including session management and authentication. These cannot be disabled.
• Analytics Cookies — help us understand how users interact with the Platform, which pages are visited most, and what features are used. We use this data to improve the Service.
• Functional Cookies — remember your preferences and settings to provide a personalized experience.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Platform. We do not use cookies for targeted advertising or third-party marketing purposes.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit (TLS) and at rest, access controls, regular security assessments, and secure data storage infrastructure through Supabase. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for notifying us promptly of any suspected security breach.

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and service providers are located. These countries may have data protection laws that differ from those in your jurisdiction. We take appropriate safeguards, including Standard Contractual Clauses where required, to ensure that your data receives an adequate level of protection in accordance with applicable law.

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal data, we will take steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us immediately.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last updated” date. If we make material changes, we will notify you by email or through the Platform. Your continued use of the Service after such changes constitutes your acceptance of the updated policy. We encourage you to review this policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at support@geovisibility.com or through the contact form on the Platform.