← Back to Home

Privacy Policy

Last updated: March 2026

1. Information We Collect

We collect information you provide directly: your name, email address, company name, and role when you create an account. We also collect usage data including the brands and competitors you analyze, AI engine results, and your interaction with dashboards and reports.

We automatically collect technical data such as IP address, browser type, and device information through standard web server logs. We use cookies for authentication sessions only.

2. How We Use Your Information

We use your data to provide the Pondral service: running AI visibility analyses, generating content briefs, sending alert notifications, and displaying dashboards. We also use aggregated, anonymized data to improve our AI analysis accuracy.

We do not sell your personal information. We do not use your brand/competitor analysis data to train AI models.

3. Data Sharing

We share data only with service providers necessary to operate the platform: Supabase (database hosting), Stripe (payment processing), Resend (transactional emails), and AI engine providers (Anthropic, OpenAI, Google, Perplexity) for analysis queries. Each provider processes data under their own privacy policies.

We may disclose information if required by law or to protect the rights, property, or safety of our users.

4. Data Retention

We retain your account data and analysis results for the duration of your account. Analysis results older than your plan's retention period (default 365 days) may be automatically archived. You can request deletion of your data at any time.

5. Your Rights

You have the right to access, correct, export, and delete your personal data. You can exercise these rights through your account settings or by contacting us. We will respond to data requests within 30 days.

If you are in the EEA, UK, or California, you have additional rights under GDPR, UK GDPR, and CCPA respectively, including the right to object to processing and data portability.

6. Data Security

We use industry-standard security measures including encryption in transit (TLS), encryption at rest for sensitive credentials, row-level security in our database, and regular security reviews. OAuth tokens from third-party integrations are encrypted with AES-256-GCM before storage.

7. Contact

For privacy questions or data requests, contact us at privacy@pondral.com.