PL Run free audit

Legal

Privacy Policy

Effective date: [To be set on launch] · Last updated: June 2026

TEMPLATE — DRAFT pending review by licensed counsel before launch. Not legal advice. This document is a working draft prepared to reduce the time a qualified lawyer needs to finalize it. It is not final, does not constitute legal advice, and must not be relied upon until reviewed and approved.

1. Who we are

CitePulse is an AI citation audit and monitoring service operated by GeoAI Solutions LLC (trading as GeoFlow) ("CitePulse", "we", "us"), a company registered in Sheridan, Wyoming, United States. For the purposes of the EU and UK General Data Protection Regulation (GDPR), GeoAI Solutions LLC is the data controller for personal data processed through this website and service.

If you have any question about this policy or how we handle your data, contact us at [email protected].

2. What data we collect

We practice data minimization: we collect only what we need to provide the audit and monitoring service.

  • Audit input data — the website domain and industry you submit for an audit. Domain and publicly available website content are processed to perform the audit.
  • Contact data — the email address you provide to receive your PDF report or to create a monitoring subscription.
  • Billing data — for paid plans, payment is processed by our payment processor (Stripe); we receive billing metadata and subscription status but do not store full card numbers.
  • Technical and usage data — standard server logs and limited analytics (for example IP address, user agent, pages requested) used for security, abuse prevention and service reliability.

3. How and why we use your data (legal bases)

  • To provide the service (performance of a contract / pre-contractual steps): running audits, generating reports, sending results and operating monitoring subscriptions.
  • To communicate with you (legitimate interests / contract): delivering reports, responding to enquiries and sending service-related notices.
  • To secure and improve the service (legitimate interests): preventing abuse, diagnosing issues and improving accuracy.
  • To comply with law (legal obligation): tax, accounting and lawful requests.

Where we rely on consent (for example optional marketing email), you may withdraw it at any time.

4. AI processing of audit queries

To measure how AI assistants cite a business, CitePulse sends industry-relevant queries to third-party AI providers (OpenAI, Anthropic, Google and Perplexity). These queries concern the audited business and its market; we do not send your personal contact details to these providers as part of the audit queries. Provider processing is governed by their respective terms.

5. Sub-processors

We share data with the following categories of processors strictly to operate the service. A current sub-processor list is maintained in our Data Processing Addendum.

ProcessorPurpose
CloudflareHosting, CDN, edge compute, security
ResendTransactional email delivery (reports, notices)
OpenAI, Anthropic, Google, PerplexityAI model queries for citation testing
StripePayment processing and subscription billing

6. International transfers

We are based in the United States and use processors that may store or process data in the United States and other countries. Where personal data of EU/UK individuals is transferred internationally, we rely on appropriate safeguards such as the Standard Contractual Clauses, as detailed in the DPA.

7. Data retention

We retain audit inputs, generated reports and contact data for as long as needed to provide the service and for a reasonable period afterwards for legal, accounting and security purposes, after which it is deleted or anonymized. You may request earlier deletion (see your rights below).

8. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict or object to the processing of your personal data, the right to data portability, and the right to withdraw consent. EU/UK individuals also have the right to lodge a complaint with a supervisory authority. To exercise any right, email [email protected]; we will respond within the timeframes required by applicable law.

9. Cookies

We use only the cookies and local storage necessary to operate the site (for example, remembering your currency preference) and, where applicable, limited analytics for reliability. We do not sell personal data. Full detail, and our consent approach for any future non-essential cookies, is in our Cookie Policy.

10. Children

CitePulse is a business-to-business service and is not directed to children. We do not knowingly collect personal data from children.

11. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by an updated "Last updated" date and, where appropriate, direct notice.

12. Contact and data-protection enquiries

Data controller: GeoAI Solutions LLC, 30 N Gould St Ste N, Sheridan, WY 82801, USA. For privacy and data-protection enquiries, data-subject requests, or to reach the person responsible for data protection, contact [email protected]. [For counsel: confirm whether an Art. 27 EU/UK representative or a formally designated DPO is required and add details here.]