Back to Home

Privacy Policy

Last updated: March 23, 2026

1. Data Controller

The data controller for the eyeq.ai platform is:

Sebastian Kielmann
Email: info@eyeq.ai

2. What Data We Collect

2.1 Invitation Requests

When you request an invitation, we collect your email address. This is stored in our database and used solely to contact you when your access is ready.

2.2 Account Data

When you register as a user, we collect your username, email address, and an encrypted password. Passwords are hashed using Argon2id and are never stored in plain text.

2.3 Domain & Website Data

When you add a domain for analysis, we crawl publicly accessible pages of the specified website. We collect page content (text, headings, structured data) and screenshots for analysis purposes. This data is used to compare AI-generated responses against your actual website content.

2.4 AI Analysis Data

We store the questions generated for your domain, the responses received from third-party AI services (OpenAI, Anthropic, Google), and the resulting analysis including citation scores, sentiment analysis, and visibility metrics.

2.5 Technical Data

We automatically collect certain technical information when you use the Service, including IP addresses, browser type, and access timestamps. This data is used for security, rate limiting, and service improvement purposes.

3. How We Use Your Data

We use your data for the following purposes:

  • To provide and maintain the eyeq.ai Service.
  • To authenticate your identity and manage your account.
  • To perform AI visibility analysis on domains you have added.
  • To contact you regarding your invitation request or account.
  • To protect the security and integrity of the Service.
  • To comply with legal obligations.

4. Legal Basis (GDPR)

We process your personal data based on:

  • Consent (Art. 6(1)(a) GDPR) — when you submit your email for an invitation request.
  • Contract performance (Art. 6(1)(b) GDPR) — when processing is necessary to provide the Service you have signed up for.
  • Legitimate interest (Art. 6(1)(f) GDPR) — for security measures, fraud prevention, and service improvement.

5. Third-Party Services

We use the following third-party services to provide the Service:

  • MongoDB Atlas — cloud database hosting (data may be processed in the EU and/or US).
  • OpenAI (ChatGPT) — AI response generation for visibility analysis.
  • Anthropic (Claude) — AI response generation for visibility analysis.
  • Google (Gemini) — AI response generation, embeddings, and vision analysis.

When querying AI services, we send generated questions (not your personal data) to these providers. Please refer to each provider's privacy policy for details on their data handling practices.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Invitation request emails are retained until you receive access or request deletion. You may request deletion of your data at any time by contacting us.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Argon2id password hashing.
  • HTTP-only, Secure, SameSite cookies for session management.
  • JWT-based stateless authentication with HS256 signing.
  • Rate limiting on authentication and API endpoints.
  • Encrypted connections (HTTPS/TLS) for all data in transit.

8. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate data.
  • Erasure — request deletion of your personal data.
  • Restriction — request restriction of processing.
  • Portability — request transfer of your data in a machine-readable format.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at info@eyeq.ai.

9. Cookies

eyeq.ai uses a single essential cookie (eyeq_session) for authentication purposes. This cookie is HTTP-only, Secure, and SameSite=Lax. We do not use tracking cookies, analytics cookies, or any third-party advertising cookies on this website.

10. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA) when using third-party AI services. Where such transfers occur, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

11. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

13. Supervisory Authority

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

14. Contact

For any privacy-related questions or requests, please contact us at: info@eyeq.ai