Privacy Policy

1. Introduction

zipe.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services, including our AI visibility diagnostic tools.

This policy complies with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@zipe.ai.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, password
• Payment Information: Processed securely through our payment processor (we do not store credit card details)
• Scan Data: Brand names, industry information, website URLs you submit for analysis
• Communications: Messages sent to our support team

2.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on site
• Device Information: Browser type, operating system, IP address
• Cookies: Session management, preferences, analytics (see our Cookie Policy)

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To provide AI visibility diagnostics and technical SEO analysis
• Account Management: To create and manage your account, process subscriptions
• Communication: To send service-related notifications, updates, and support responses
• Improvement: To analyze usage patterns and improve our services
• Legal Compliance: To comply with legal obligations and enforce our terms

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Consent: When you create an account or subscribe to our services
• Contract Performance: To deliver the services you've requested
• Legitimate Interests: To improve our services and prevent fraud
• Legal Obligations: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Payment processors, OpenAI and Anthropic (AI analysis), cloud hosting providers
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

6. Your Rights

6.1 GDPR Rights (EU/EEA Users)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

6.2 CCPA Rights (California Residents)

• Right to Know: What personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the "sale" of personal information (we don't sell data)
• Right to Non-Discrimination: Equal service regardless of exercising your rights

To exercise these rights, contact us at privacy@zipe.ai or use our Privacy Settings page.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: Data retained while your account is active
• Deleted Accounts: Most data deleted within 30 days; some data retained for legal compliance (e.g., financial records for 7 years)
• Scan Reports: Retained for 2 years unless you request earlier deletion

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption in transit (TLS/SSL) and at rest
• Secure authentication and password hashing
• Regular security audits and updates
• Limited access to personal data on a need-to-know basis

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) for GDPR compliance.

10. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our website. Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights:

13. Supervisory Authority

If you are in the EU/EEA and believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local supervisory authority.