Privacy Policy

1. Introduction and Scope

Welcome to Seerly, an AI search optimization and brand visibility analysis platform operated by K4 Minds Technologies LLP ("Company", "we", "our", or "us"). We are deeply committed to protecting your privacy and maintaining the security and confidentiality of your personal information. This Privacy Policy ("Policy") explains in detail how we collect, use, process, store, share, and protect information about you when you use our Service.

This Policy applies to all users of Seerly, including visitors to our website, registered account holders, and subscribers to our paid services. By accessing or using the Service, you acknowledge that you have read, understood, and agree to the data practices described in this Policy. If you do not agree with any part of this Policy, you must immediately discontinue use of the Service.

We reserve the right to modify this Policy at any time. Material changes will be communicated via email or prominent notice on our Platform, with changes taking effect after a reasonable notice period (typically 30 days). Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy. We encourage you to review this Policy periodically to stay informed about our data practices.

1.1 Our Privacy Commitment

We are committed to the following privacy principles:

• Transparency: We will be clear and open about what data we collect and how we use it
• Data Minimization: We collect only the data necessary to provide and improve our Service
• Security: We implement industry-standard security measures to protect your data
• User Control: You have rights over your data, including access, correction, and deletion
• No Selling: We do not and will never sell your personal information to third parties
• Legal Compliance: We comply with applicable data protection laws including GDPR, CCPA, and Indian data protection regulations

2. Information We Collect

We collect several categories of information from and about users of our Service. The specific types of information we collect depend on how you interact with our Platform and what features you use.

2.1 Information You Provide Directly

This includes information you actively submit or provide when using the Service:

Account Information

• Google OAuth Data: When you create an account using Google OAuth, we receive your Google account email address, name, profile picture URL, and Google account ID. We do not receive or store your Google password.
• Account Settings: Preferences, notification settings, and other configuration choices you make within your account.

Domain and Brand Information

• Domain URLs: Website URLs and domain names you submit for analysis, including primary domains and any associated subdomains or alternate domains.
• Brand Details: Brand names, business topics, industry categories, and other descriptive information about the brands you analyze.
• Target Markets: Geographic locations, target countries, and regional preferences you specify for your analysis.
• Competitor Information: Domains or brands you identify as competitors for benchmarking purposes.

Payment Information

• Billing Details: Billing name, billing address, email address for receipts, and company name (if applicable). We use third-party payment processors (Polar.sh) and do not directly collect or store complete credit card numbers or sensitive payment credentials.
• Transaction History: Records of your subscription plans, payment amounts, billing dates, and transaction IDs for accounting and customer service purposes.

Communications

• Support Inquiries: Information you provide when contacting our customer support team, including the content of your messages, attachments, and any additional details you share.
• Feedback and Surveys: Responses to surveys, feature requests, bug reports, and other feedback you provide.

2.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain technical and usage information:

Device and Browser Information

• Device Data: Device type (desktop, mobile, tablet), operating system and version, screen resolution, device identifiers, and hardware specifications.
• Browser Data: Browser type and version, browser language settings, timezone, and browser plugins or extensions that may affect service functionality.
• Network Information: IP address, internet service provider (ISP), approximate geographic location derived from IP address (country, region, city), and network connection type.

Usage and Interaction Data

• Page Views and Navigation: Pages visited, features accessed, time spent on each page, click patterns, scroll depth, and navigation paths through the Platform.
• Feature Usage: Which analysis features you use, frequency of workflow executions, types of reports generated, dashboard interactions, and feature adoption patterns.
• Workflow Data: Details about domain analysis workflows you execute, including execution times, workflow status, step completion, and any errors or failures encountered.
• Search and Filters: Search queries within the Platform, filters applied to data views, sorting preferences, and data export actions.

Performance and Diagnostics

• Error Logs: Application errors, JavaScript errors, API errors, failed requests, and stack traces (sanitized to remove personal information where possible).
• Performance Metrics: Page load times, API response times, rendering performance, and other metrics that help us optimize service speed and reliability.
• Crash Reports: Information about application crashes or severe errors that affect your user experience.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and collect usage data. For detailed information about our cookie practices, see Section 8 (Cookies and Tracking Technologies) below.

2.3 Information from Third Parties

We collect certain information from external sources to provide our core analysis services:

Publicly Accessible Website Data

• Website Content: HTML source code, visible text content, images, videos, and other media embedded on pages you submit for analysis.
• Metadata and Technical Elements: Meta tags (title, description, keywords), Open Graph tags, Twitter Card data, canonical URLs, hreflang tags, and other HTML metadata.
• Structured Data: Schema.org markup, JSON-LD data, microdata, RDFa, and other structured data formats used for semantic web and AI optimization.
• Technical SEO Elements: Robots.txt files, XML sitemaps, page headers (HTTP headers), redirect chains, canonical implementation, and other technical SEO factors.
• Page Structure: Header hierarchy (H1-H6), internal linking structure, navigation menus, content organization, and semantic HTML elements.
• Performance Data: Page load speeds, resource sizes, Core Web Vitals metrics, mobile responsiveness, and other performance indicators.

AI Engine Interaction Data

A core function of our Service is analyzing how AI engines respond to queries about your brand. This involves:

• Queries Sent: We send brand-related queries to third-party AI engines (OpenAI's ChatGPT, Anthropic's Claude, Google's Gemini, Perplexity AI) based on your domain and brand information.
• AI Responses: We collect the full text of responses generated by these AI engines, including main content, citations, source references, and any metadata provided by the AI systems.
• Citation Sources: URLs, website names, article titles, author names, publication dates, and other information about sources cited by AI engines in their responses.
• Response Metadata: Timestamps, query context, model versions (when available), and other technical details about AI interactions.
• Analysis Results: Our proprietary analysis of AI responses, including brand mention detection, sentiment scores, visibility metrics, and competitive positioning data.

Important Note: These AI engines are operated by independent third parties (OpenAI, Anthropic, Google, Perplexity). Their responses are subject to their own privacy policies and terms of service. We have no control over the content generated by these systems. AI responses may reference publicly available information about you, your brand, or your competitors from across the internet.

OAuth Provider Information

• Google OAuth: When you sign in with Google, we receive basic profile information (email, name, profile picture) from Google. This data is provided under Google's OAuth authorization flow and is subject to Google's Privacy Policy.
• Authentication Tokens: We receive temporary access tokens from Google to verify your identity. These tokens are not stored long-term and are used only for authentication purposes.

Payment Processor Information

• Polar.sh: Our payment processor provides us with transaction confirmations, subscription status updates, and payment event notifications. We do not receive full credit card numbers or sensitive payment credentials.

3. How We Use Your Information

We use the information we collect for specific, legitimate purposes related to providing, improving, and protecting our Service. Below is a comprehensive explanation of how we use different types of information:

3.1 Service Delivery and Core Functionality

• AI Visibility Analysis: Using your domain and brand information to query AI engines, collect responses, analyze brand mentions, calculate visibility scores, and generate comprehensive analysis reports showing how AI systems perceive and represent your brand.
• Sentiment Analysis: Processing AI-generated content mentioning your brand using natural language processing to determine sentiment (positive, negative, neutral), emotional tone, and contextual nuances of brand mentions.
• Citation Tracking: Identifying and analyzing which websites, articles, and sources AI engines cite when discussing your brand, including authority scoring, citation frequency analysis, and source sentiment evaluation.
• SEO and AI Readiness Audits: Crawling your website to analyze meta tags, structured data, content quality, technical SEO factors, and AI optimization signals to generate detailed audit reports and improvement suggestions.
• Competitive Benchmarking: Comparing your AI visibility metrics against competitors you specify, including relative visibility scores, competitive positioning, and strategic gap analysis.
• Content Strategy Recommendations: Generating AI-powered suggestions for content creation, platform prioritization (Reddit, Medium, LinkedIn, etc.), topic targeting, and strategic guidance based on your current visibility and competitive landscape.
• Historical Trend Analysis: Storing and analyzing historical data to track visibility changes over time, identify trends, measure improvement, and provide longitudinal insights into your AI presence evolution.
• Multi-Domain Management: Organizing and managing analysis for multiple domains associated with your account, providing domain-specific dashboards, and enabling cross-domain comparative analytics.

3.2 Account and User Management

• Authentication and Access Control: Verifying your identity, managing login sessions, maintaining account security, and controlling access to features based on your subscription level.
• Account Administration: Processing account creation, modifications, deletions, and handling account-related requests.
• Subscription Management: Managing your subscription plan, processing upgrades/downgrades, tracking usage against plan limits, and enforcing feature access controls.
• Personalization: Customizing your experience based on your preferences, usage patterns, and account settings.

3.3 Payment Processing and Billing

• Transaction Processing: Facilitating payments, processing subscriptions, handling refunds, and managing financial transactions through our payment processor (Polar.sh).
• Billing Administration: Generating invoices, sending payment receipts, processing payment method updates, and managing subscription renewals.
• Financial Records: Maintaining transaction history for accounting, tax compliance, and financial reporting purposes.
• Fraud Prevention: Detecting and preventing payment fraud, chargebacks, and unauthorized transactions.

3.4 Service Improvement and Development

• Algorithm Enhancement: Improving our AI visibility scoring algorithms, sentiment analysis accuracy, citation ranking methodologies, and competitive benchmarking calculations using aggregated, anonymized data and user feedback.
• Feature Development: Analyzing usage patterns to identify which features are most valuable, which features need improvement, and what new features users need.
• Performance Optimization: Using performance metrics, error logs, and user behavior data to identify bottlenecks, optimize page load times, reduce API latency, and improve overall service reliability.
• User Experience Research: Analyzing how users interact with the Platform to improve navigation, simplify workflows, enhance data visualization, and create a more intuitive interface.
• Quality Assurance: Testing new features, identifying bugs, validating algorithm accuracy, and ensuring service quality before releasing updates to all users.

3.5 Research and Analytics

• Industry Benchmarking: Creating anonymized, aggregated industry benchmarks showing average AI visibility scores across sectors, typical sentiment distributions, and common optimization gaps (no individual user or brand is identifiable in these benchmarks).
• Trend Analysis: Identifying macro trends in how AI engines cite sources, which content types perform best, and how AI visibility correlates with traditional SEO factors.
• Research Publications: Publishing aggregated insights, trend reports, and industry research (always anonymized and never identifying specific users or brands without explicit consent).

3.6 Communications and Support

• Customer Support: Responding to your inquiries, troubleshooting technical issues, providing guidance on feature usage, and resolving account or billing problems.
• Service Notifications: Sending important account-related messages, including workflow completion notifications, subscription confirmations, payment receipts, and security alerts.
• Product Updates: Informing you about new features, service improvements, platform updates, and changes to our policies (you can opt out of promotional communications but not essential service notifications).
• Educational Content: Sharing blog posts, guides, best practices, case studies, and other educational materials to help you maximize the value of the Service (optional, can opt out).

3.7 Security and Fraud Prevention

• Abuse Detection: Monitoring for unusual activity patterns, automated abuse, scraping attempts, or violation of our Terms of Service.
• Security Monitoring: Detecting and responding to security threats, unauthorized access attempts, data breaches, and other security incidents.
• Fraud Prevention: Identifying fraudulent accounts, payment fraud, account takeovers, and other malicious activities.
• System Integrity: Protecting the stability and availability of our Service by preventing denial-of-service attacks, resource exhaustion, and other infrastructure threats.

3.8 Legal Compliance and Protection

• Legal Obligations: Complying with applicable laws, regulations, legal processes, court orders, subpoenas, and enforceable governmental requests.
• Rights Protection: Enforcing our Terms of Service, protecting our intellectual property rights, and defending against legal claims.
• Record Keeping: Maintaining records as required by law for tax, accounting, and regulatory compliance purposes.

4. How We Share Your Information

We do not sell your personal information to third parties. We only share information in specific, limited circumstances necessary to provide our Service, comply with legal obligations, or protect our rights. Below is a comprehensive list of scenarios where information sharing may occur:

4.1 Service Providers and Third-Party Tools

We share information with trusted third-party service providers who perform functions on our behalf. All service providers are bound by confidentiality obligations and may only use your information to perform services for us.

Cloud Infrastructure Providers

• Hosting and Storage: We use cloud hosting providers to store user data, application data, databases, and backups. Data is stored in secure data centers with industry-standard security measures.
• Content Delivery: We may use content delivery networks (CDNs) to improve service performance and deliver static assets efficiently.

AI Engine Providers

• OpenAI (ChatGPT): We send brand-related queries to OpenAI's API and receive responses as part of our core analysis service. Data sent is subject to OpenAI's data usage policies.
• Anthropic (Claude): We send queries to Anthropic's Claude API for AI visibility analysis subject to Anthropic's terms and privacy policy.
• Google (Gemini): We use Google's Gemini API for AI response analysis subject to Google's terms and privacy practices.
• Perplexity AI: We query Perplexity's API to analyze brand visibility in their AI search results.

Important: These AI providers may use queries and responses for their own purposes (including model training) according to their respective policies. We do not control how these third parties use this data beyond the analysis results they provide to us.

Payment Processors

• Polar.sh: We use Polar.sh to process payments and manage subscriptions. Your payment information is collected and processed by Polar.sh according to their privacy policy. We receive only transaction confirmations and subscription status updates, not full payment credentials.

Analytics and Monitoring

• Usage Analytics: We may use analytics tools to understand how users interact with our Service, identify usage patterns, and measure feature adoption (we use privacy-friendly analytics tools where possible and anonymize data when available).
• Error Monitoring: We use error tracking and application monitoring services to detect bugs, crashes, and performance issues. Error logs are sanitized to remove personal information where possible.

Communication Services

• Email Services: We use email service providers to send transactional emails (account confirmations, password resets, receipts) and optional marketing communications.
• Customer Support Tools: If we use third-party customer support platforms, support conversations and associated user data may be stored on those platforms.

4.2 Business Transfers and Corporate Events

In the event of a merger, acquisition, corporate reorganization, sale of assets, financing, or bankruptcy, your information may be transferred to the acquiring company or third party as part of the business transaction. In such cases:

• We will notify you via email or prominent notice on our website before your data is transferred
• The acquiring party will be required to honor the privacy commitments made in this Policy
• You will have the option to delete your account before the transfer if you do not agree

4.3 Legal Requirements and Protection of Rights

We may disclose your information when required by law or to protect our rights:

• Legal Compliance: To comply with applicable laws, regulations, legal processes, court orders, subpoenas, warrants, or enforceable governmental requests
• Law Enforcement: To cooperate with law enforcement agencies in investigating crimes, fraud, or other illegal activities
• Terms Enforcement: To enforce our Terms of Service, detect and prevent fraud, abuse, or security threats, or investigate violations
• Rights Protection: To protect the rights, property, or safety of K4 Minds Technologies LLP, our users, or the public
• Legal Claims: To establish, exercise, or defend legal claims, including in litigation or arbitration proceedings

We will make reasonable efforts to notify you of legal demands for your information unless prohibited by law or court order, or if we believe notification could create a risk of harm.

4.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing. This may include:

• Sharing your analysis results or case studies for marketing purposes (only with your permission)
• Integrating with third-party services you authorize
• Participating in research studies or surveys where data sharing is involved

You can withdraw consent at any time by contacting us, though withdrawal may not affect sharing that occurred before withdrawal.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you or your brand. This may include:

• Industry benchmarks and trend reports showing average metrics across user segments (e.g., "average AI visibility score for e-commerce companies")
• Research findings and whitepapers containing aggregated insights about AI search optimization trends
• Statistical data used for academic research, industry analysis, or public reporting (never identifying specific users or brands)

5. Data Retention and Deletion

We retain your information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary based on the type of information and the purposes for which it is used.

5.1 Retention Periods by Data Type

Account Information

• Active Accounts: Retained while your account is active and you continue using the Service
• Inactive Accounts: Retained for up to 12 months after your last login, after which we may delete inactive free accounts (paid accounts are retained as long as subscriptions are active)
• After Deletion Request: Deleted within 30 days of request, except for information we must retain for legal compliance

Analysis Data and Results

• Analysis Results: Retained while your account is active to enable historical trend analysis and longitudinal insights
• Raw Crawl Data: Typically retained for 90 days, after which it may be deleted while preserving aggregated metrics
• AI Engine Responses: Retained for the duration of your account to support historical analysis, may be retained in anonymized form for research after account deletion

Financial and Billing Records

• Transaction History: Retained for at least 7 years as required by accounting laws and tax regulations
• Invoices and Receipts: Retained permanently for accounting purposes and to provide you with access to historical billing records

Usage and Analytics Data

• Usage Logs: Typically retained for 90-180 days, then deleted or anonymized for long-term analytics
• Error Logs: Retained for 30-90 days for troubleshooting, then deleted

Communications

• Support Conversations: Retained for 2 years to provide consistent support and reference past issues
• Email Communications: Transactional emails retained according to legal requirements, marketing emails retained until you unsubscribe

5.2 Data Deletion Process

When you request account deletion or when we delete inactive accounts:

• Immediate Actions: Your account is deactivated immediately, and you lose access to the Service
• Data Deletion Timeline: Personal information is deleted within 30 days, with backups purged within 90 days
• Retained Information: We may retain certain information as permitted or required by law, including:
  • Financial records for tax and accounting compliance (7+ years)
  • Information necessary to resolve disputes or enforce our Terms
  • Aggregated, anonymized data that no longer identifies you
  • Information required by legal holds or pending litigation

5.3 Right to Request Deletion

You can request deletion of your account and personal information at any time through your account settings or by contacting us. We will process deletion requests promptly, subject to legal retention requirements. See Section 7 (Your Privacy Rights) for more details on exercising this right.

6. Data Security

We take the security of your information seriously and implement comprehensive technical, administrative, and physical safeguards to protect your data from unauthorized access, use, disclosure, alteration, or destruction.

6.1 Technical Security Measures

Encryption

• Data in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (HTTPS) with strong cipher suites
• Data at Rest: Sensitive data stored in databases is encrypted using industry-standard encryption algorithms (AES-256 or equivalent)
• Secure APIs: All API communications with third-party services (AI engines, payment processors) use encrypted connections

Access Controls

• Authentication: Secure OAuth 2.0 authentication with industry-leading identity providers (Google)
• Session Management: HTTP-only cookies, secure session tokens with appropriate expiration times, and automatic session invalidation
• Principle of Least Privilege: Internal access to user data is strictly limited to employees who need it to perform their job functions
• Multi-Factor Authentication: Our team uses MFA for access to production systems and sensitive data

Infrastructure Security

• Cloud Security: We use reputable cloud providers with SOC 2 certification and robust physical security at data centers
• Network Security: Firewalls, intrusion detection systems, and network segmentation to isolate sensitive data
• DDoS Protection: Distributed denial of service protection to maintain service availability
• Regular Updates: Timely application of security patches and updates to all systems

Application Security

• Secure Development: Security best practices in code development, including input validation, output encoding, and protection against common vulnerabilities (SQL injection, XSS, CSRF)
• Code Reviews: Security-focused code reviews and automated security scanning
• Dependency Management: Regular updates to third-party libraries and vulnerability scanning of dependencies

6.2 Administrative and Organizational Measures

• Employee Training: Regular security awareness training for all employees handling user data
• Confidentiality Agreements: All employees and contractors sign confidentiality agreements
• Background Checks: Background checks for employees with access to sensitive systems
• Access Audits: Regular reviews of who has access to what data and removal of unnecessary access
• Incident Response Plan: Documented procedures for detecting, responding to, and recovering from security incidents

6.3 Monitoring and Logging

• Security Monitoring: Continuous monitoring for suspicious activity, unauthorized access attempts, and security anomalies
• Audit Logs: Comprehensive logging of access to sensitive data and administrative actions
• Anomaly Detection: Automated systems to detect unusual patterns that may indicate security threats

6.4 Third-Party Security

• Vendor Security Reviews: We vet third-party service providers for security practices before sharing data
• Data Processing Agreements: Contractual obligations for third parties to maintain appropriate security measures
• Limited Data Sharing: We share only the minimum necessary data with third parties

6.5 Limitations and User Responsibility

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. You are responsible for:

• Maintaining the confidentiality of your account credentials
• Using strong, unique passwords
• Enabling two-factor authentication when available
• Not sharing your account access with others
• Immediately notifying us of any unauthorized account access

6.6 Security Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify affected users within 72 hours of becoming aware of the breach (as required by GDPR)
• Provide details about what information was affected, steps we're taking, and recommended actions you should take
• Report the breach to relevant data protection authorities when required by law
• Conduct a thorough investigation and implement measures to prevent future incidents

7. Your Privacy Rights

Depending on your location, you may have specific rights regarding your personal information under data protection laws such as GDPR (European Economic Area), CCPA (California), and other regional privacy regulations. Below is a comprehensive overview of your rights and how to exercise them.

7.1 Universal Rights (All Users)

Regardless of your location, you have the following rights:

Right to Access

You have the right to request access to the personal information we hold about you, including:

• What personal information we collect
• How we use it
• With whom we share it
• How long we retain it
• A copy of your personal information in a structured, commonly used format

Right to Correction

You have the right to request correction of inaccurate or incomplete personal information we hold about you. We will make corrections within a reasonable timeframe and notify relevant third parties where necessary.

Right to Deletion

You have the right to request deletion of your personal information, subject to certain exceptions where we must retain information for legal compliance, dispute resolution, or fraud prevention. We will delete your information within 30 days of a valid request.

Right to Object

You have the right to object to certain types of data processing, including:

• Processing based on legitimate interests
• Direct marketing communications (you can opt out at any time)
• Automated decision-making or profiling (when applicable)

7.2 Additional Rights for EEA/UK Users (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format and transmit it to another controller without hindrance. We provide data export functionality in standard formats (CSV, JSON) for this purpose.

Right to Restriction of Processing

You have the right to request restriction of processing your personal information in certain circumstances, such as when you contest the accuracy of data or object to processing.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority in your country if you believe we have violated your data protection rights.

Legal Basis for Processing

We process your data based on the following legal grounds under GDPR:

• Contract Performance: Processing necessary to provide the Service you requested
• Consent: You have given explicit consent for specific processing activities (e.g., marketing communications)
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., service improvement, fraud prevention) while respecting your rights
• Legal Obligations: Processing necessary to comply with legal requirements

7.3 Additional Rights for California Users (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know

You have the right to request disclosure of:

• Categories of personal information collected
• Specific pieces of personal information we hold about you
• Sources from which information was collected
• Business or commercial purposes for collection
• Categories of third parties with whom we share information

Right to Delete

You have the right to request deletion of personal information collected from you, subject to certain exceptions.

Right to Opt-Out of Sale

Important: We do not sell personal information, so there is nothing to opt out of. We have never sold personal information and will not do so in the future.

Right to Non-Discrimination

You have the right to not receive discriminatory treatment for exercising your CCPA rights. We will not deny services, charge different prices, or provide different quality of service because you exercised your rights.

Right to Limit Use of Sensitive Personal Information

Under CPRA, you can limit our use of sensitive personal information (we collect minimal sensitive information and only use it for disclosed purposes).

7.4 How to Exercise Your Rights

To exercise any of the above rights, you can:

• Use Your Account Settings: Some rights (data export, account deletion) can be exercised directly through your account settings
• Contact Us: Submit a request through our Contact page or email support

Verification Process

To protect your privacy and security, we must verify your identity before processing rights requests. This may involve:

• Confirming your account email address
• Answering security questions
• Providing additional identification for sensitive requests (deletion, data access)

Response Timeline

• Initial Response: We will acknowledge receipt of your request within 3 business days
• Fulfillment: We will fulfill verified requests within 30 days (45 days for complex requests, with notice of extension)
• No Charge: We do not charge fees for reasonable requests (excessive or repetitive requests may incur administrative fees)

Authorized Agents

You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization from you and we may require you to verify your identity directly.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and improve our Service. This section provides detailed information about our use of these technologies.

8.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work more efficiently and provide information to website owners. Cookies can be "session" cookies (deleted when you close your browser) or "persistent" cookies (remain until expiration or manual deletion).

8.2 Types of Cookies We Use

Essential Cookies (Always Active)

These cookies are necessary for the Service to function and cannot be disabled:

• Authentication Cookies: Verify your identity and maintain your login session (JWT tokens in HTTP-only cookies)
• Security Cookies: Protect against CSRF attacks and other security threats
• Load Balancing: Distribute server load to ensure service availability

Functionality Cookies

These cookies remember your preferences and settings:

• Language preferences
• Theme settings (if applicable)
• Dashboard layout preferences
• Recently viewed domains or analysis

Analytics Cookies

These cookies help us understand how you use the Service:

• Pages visited and features used
• Time spent on pages
• Navigation patterns
• Error occurrences
• Performance metrics

We use privacy-friendly analytics where possible and anonymize IP addresses to protect your privacy.

8.3 Third-Party Cookies

Some cookies are placed by third-party services we use:

• Google OAuth: Cookies used for authentication when you sign in with Google
• Payment Processor: Cookies used by Polar.sh for secure payment processing
• Analytics Services: Cookies from analytics providers (if used) subject to their privacy policies

8.4 Local Storage and Other Technologies

In addition to cookies, we may use:

• Local Storage: Browser local storage to cache certain data for performance and offline functionality
• Session Storage: Temporary storage cleared when you close your browser
• IndexedDB: Structured data storage for more complex offline capabilities (if applicable)

8.5 Managing Cookies

You can control cookies through:

Browser Settings

Most browsers allow you to refuse cookies or delete existing cookies. Methods vary by browser:

• Chrome: Settings → Privacy and security → Cookies and other site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Cookies and website data
• Edge: Settings → Cookies and site permissions → Cookies and data stored

Note: Disabling essential cookies will prevent you from using the Service. Disabling other cookies may limit functionality.

Do Not Track

Some browsers have "Do Not Track" features. Our Service does not currently respond to Do Not Track signals due to lack of industry consensus on implementation standards.

9. International Data Transfers

Seerly operates globally, and your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your country's laws.

9.1 Legal Basis for Transfers

When we transfer data internationally, we ensure adequate protection through:

• Adequacy Decisions: Transferring data to countries deemed to provide adequate data protection by relevant authorities
• Standard Contractual Clauses: Using EU-approved standard contractual clauses (SCCs) with data processors and sub-processors
• Your Consent: Obtaining your explicit consent for specific data transfers where appropriate

9.2 Data Storage Locations

Your data may be stored and processed in various locations depending on our infrastructure providers, including:

• Cloud hosting facilities in the United States, Europe, and Asia
• Third-party AI engine providers' data centers (OpenAI, Anthropic, Google, Perplexity)
• Payment processor facilities (Polar.sh)

All providers are contractually required to maintain appropriate security standards and comply with applicable data protection laws.

10. Children's Privacy

The Service is not intended for, and we do not knowingly collect personal information from, children under the age of 13 (or the applicable age of digital consent in your jurisdiction, which may be 16 in some European countries).

If we become aware that we have collected personal information from a child under the applicable age without parental consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from a child, please contact us immediately.

Parents and guardians should supervise their children's online activities and consider using parental control tools to prevent unauthorized access to services not intended for children.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last updated" date at the top of this Policy
• Notify you of material changes via email to your registered email address or through prominent notice on the Service
• Provide a reasonable notice period (typically 30 days) before material changes take effect
• For significant changes, we may seek your explicit consent where required by law

Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy. If you do not agree to changes, you should discontinue use of the Service and may request deletion of your account and data.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. You can always find the current version at [https://seerly.app/privacy](https://seerly.app/privacy).

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, please contact us:

K4 Minds Technologies LLP
Website: https://seerly.app
Contact Form: Contact Us

We will respond to all requests, inquiries, and complaints within a reasonable timeframe (typically 30 days). For urgent matters or data breach notifications, we will respond as quickly as possible.

Data Protection Officer: For GDPR-related inquiries, you can contact our Data Protection Officer through the contact methods above.

Supervisory Authority (EEA/UK Users): If you are located in the European Economic Area or United Kingdom and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.