Privacy Policy
Last updated: July 12, 2026
This Privacy Policy explains how AEOpack Inc. (“AEOpack,” “we,” “us” or “our”) collects, uses, discloses and safeguards personal data when you visit our website, create an account, or use the AEOpack AI Search Intelligence platform (the “Service”). We are committed to handling your data responsibly and in accordance with applicable data-protection laws, including the EU and UK General Data Protection Regulation (GDPR).
1. Who we are
AEOpack Inc. is the data controller for personal data processed about visitors and account holders. For data you upload about your own end users or brand, you are the controller and we act as a processor on your behalf under our Terms of Service.
2. Information we collect
- Account information — name, email address, password (stored only as a secure hash), organization name and role.
- Content you provide — the brands, competitors, prompts and settings you add to run AI visibility scans.
- Billing information — plan selection and billing status. Card details are collected and processed directly by our payment provider (Paddle); we do not store full card numbers.
- Usage data — log data such as pages viewed, actions taken, device and browser type, and approximate location derived from your IP address.
- Cookies and similar technologies — used to keep you signed in and to understand aggregate usage (see Section 5).
3. How we use your information
- To provide, operate, secure and improve the Service;
- To run the AI scans you request and generate your reports and recommendations;
- To process payments, manage subscriptions and send service communications;
- To detect, prevent and respond to fraud, abuse and security incidents;
- To comply with legal obligations and enforce our agreements.
4. Legal bases for processing (GDPR)
Where GDPR applies, we rely on the following legal bases:
- Contract — to provide the Service you have signed up for;
- Legitimate interests — to secure, maintain and improve the Service, so long as your rights do not override those interests;
- Consent — for non-essential cookies and optional marketing, which you may withdraw at any time;
- Legal obligation — to meet tax, accounting and other legal requirements.
5. Cookies and IP handling
We use strictly necessary cookies to authenticate your session and remember your preferences, plus limited analytics to understand aggregate usage. You can control non-essential cookies through your browser settings. Where we process IP addresses for security or analytics, we hash them promptly using a salted SHA-256 function and truncate the result, so we avoid retaining raw IP addresses in our analytics stores.
6. AI processing
To measure your AI visibility, the Service submits the prompts and brand terms you configure to third-party AI engines (such as ChatGPT, Claude, Gemini and Perplexity) and records their responses. Please avoid including personal or confidential information in prompts that you would not want processed by these providers. We do not use your private account content to train our own or third parties’ models.
7. How we share information
We do not sell your personal data. We share it only with service providers (“subprocessors”) who help us operate the Service under contractual confidentiality and security obligations, including:
- Cloud hosting and infrastructure providers;
- Paddle, our payment provider and Merchant of Record;
- AI engine providers that return the answers we analyze;
- Analytics and communication tools used to run the Service.
We may also disclose data where required by law, to protect our rights, or in connection with a merger, acquisition or asset sale.
8. International transfers
We may process and store data in countries other than your own. Where we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.
9. Data retention
We retain personal data for as long as your account is active and as needed to provide the Service, then for a limited period to meet legal, accounting and security obligations. Scan history is retained according to your plan’s history window. When data is no longer required, we delete or anonymize it.
10. Security
We protect data with encryption in transit and at rest, strict multi-tenant isolation, role-based access control and other safeguards. Learn more on our Security page. No method of transmission or storage is perfectly secure, but we work continuously to protect your information.
11. Your rights
Depending on your location, you may have the right to access, correct, delete, restrict or object to the processing of your personal data, to data portability, and to withdraw consent. You may also lodge a complaint with your local supervisory authority. To exercise these rights, contact us at privacy@aeopack.com. We will respond within the time required by applicable law.
12. Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us data, please contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you.
14. Contact us
Questions about this policy or your data? Contact us at privacy@aeopack.com. You can also review our Terms of Service.