CitedOrNot ("CitedOrNot", "we", "us", or "our") operates the CitedOrNot platform, accessible at citedornot.com (the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights in relation to it. By using the Service you agree to the practices described here.
Account information. When you register we collect your name, email address, and a hashed password. If you sign up via Google OAuth we receive your name and email from Google.
Brand and tracking data. We store the brand names, keywords, competitor names, and any other content you enter into the Service so we can run AI visibility checks on your behalf.
AI engine responses. When your keywords are sent to AI engines (ChatGPT, Gemini, Perplexity, Claude, Grok, and Google AI Overviews), we store the raw text responses, whether your brand was mentioned, extracted snippets, sentiment signals, and any citations returned by those engines.
Usage and analytics data. We collect standard server logs including IP address, browser type, pages visited, and timestamps. This helps us diagnose issues and improve the Service.
Payment data. All payment processing is handled by Stripe. We do not store your card number, CVV, or full payment details on our servers. We receive from Stripe a customer token, subscription status, and billing dates. See Stripe's Privacy Policy for how they handle your payment data.
Cookies and similar technologies. We use session cookies required for authentication and security. We do not use third-party advertising cookies or tracking pixels.
We do not sell, rent, or trade your personal information. We share data only in the following limited ways:
AI engine providers. To run your scans, your keyword queries (not your account identity) are sent to third-party AI providers: OpenAI (ChatGPT), Google (Gemini, Google AI Overviews), Perplexity AI, Anthropic (Claude), and xAI (Grok). Each provider processes queries under their own privacy terms.
Payment processor. Stripe receives your payment card details and billing information to process transactions.
Hosting and infrastructure. We use cloud infrastructure providers to host the Service. These providers have access to server data as necessary to operate the infrastructure, under appropriate data-processing agreements.
Legal requirements. We may disclose information if required to do so by law or in response to valid requests from public authorities.
Business transfer. If CitedOrNot is involved in a merger, acquisition, or asset sale, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
We retain your account and tracking data for as long as your account is active. If you cancel your subscription, your account data is retained for a short grace period after which it is deleted from our systems. Mention history and scan data associated with your keywords is retained for the lifetime of your account and deleted with it.
You may request deletion of your account and associated data at any time by emailing hello@citedornot.com.
For all users. You may access, correct, or delete the personal data you have provided to us via your account settings or by contacting us. You may also opt out of non-essential email communications at any time via your notification settings.
EU / EEA users (GDPR). If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to access, rectify, erase, restrict or object to processing, and the right to data portability. You also have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, contact us at hello@citedornot.com.
California users (CCPA). California residents have the right to know what personal information we collect, the right to request deletion, and the right not to be discriminated against for exercising these rights. We do not sell personal information as defined by the CCPA. To submit a request, email hello@citedornot.com.
We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These include encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
The Service is not directed to anyone under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with their data, please contact us and we will promptly delete it.
We may update this Privacy Policy from time to time. When we do, we will revise the "last updated" date at the top of this page. For material changes, we will notify you by email or via a notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or your data, please contact us at:
hello@citedornot.com