Privacy Policy

Overview and scope

This Privacy Policy explains how equal AI collects, uses, shares, stores, and protects personal data when you visit our website, create an account, use the equal AI platform, interact with our reports, APIs, integrations, free tools, or contact our team.

equal AI helps teams measure AI search visibility, prompt performance, model responses, citations, sentiment, competitors, AI referral paths, and related recommendations. This policy applies to website visitors, trial users, customers, workspace members, agency clients, enterprise users, and support contacts.

For customer workspace data that we process on behalf of a business customer, the customer is generally the controller and equal AI acts as processor. For our website, account administration, billing, security, service analytics, and marketing operations, equal AI may act as an independent controller where permitted by law.

Information we collect

We collect account and profile information such as name, business email, company, role, password or authentication metadata, workspace membership, plan, preferences, and communications with our team.

We collect product configuration and customer content needed to provide the service, including tracked domains, brand names, competitors, prompt libraries, target markets, model selections, tags, notes, annotations, report settings, exports, API usage, integration settings, and support requests.

We collect AI visibility data generated through the platform, including prompts submitted for tracking, AI model responses, cited URLs, citation domains, sentiment labels, entity mentions, ranking or share-of-voice metrics, recommendations, crawler and referral observations, and timestamps.

We collect technical, device, and usage data such as IP address, browser, operating system, approximate location, pages viewed, referring URLs, session events, feature usage, log data, error reports, authentication events, security events, and cookie or similar technology identifiers.

We collect billing metadata such as subscription plan, invoice status, billing address, tax information, payment status, card brand, last four digits, expiration month/year, and transaction identifiers. Full payment card numbers, CVCs, and sensitive payment credentials are processed by our payment processor and are not stored by equal AI.

Analytics, cookies, and GA4

We use cookies, local storage, pixels, and similar technologies to keep users signed in, remember preferences, secure sessions, measure site performance, understand product usage, attribute signups, and improve the service.

We may use Google Analytics 4 (GA4) and similar analytics tools to understand website and product usage. GA4 may collect event data, device data, approximate location, referral source, and pseudonymous identifiers. We configure analytics for measurement and product improvement, not for selling customer workspace data.

Where required by law, we request consent before using non-essential analytics or marketing cookies. You can manage cookies through your browser settings, consent banner controls where available, or privacy choices offered by applicable vendors.

Strictly necessary cookies and storage are used for authentication, security, fraud prevention, load balancing, billing, preference management, and core product functionality. Disabling them may prevent parts of the service from working.

How we use information

We use information to provide, maintain, secure, and improve equal AI, including authentication, workspace administration, prompt tracking, report generation, citation analysis, recommendations, exports, integrations, support, billing, fraud prevention, and service communications.

We use product and usage data to debug errors, monitor reliability, prevent abuse, enforce limits, analyze feature adoption, develop new functionality, and understand which workflows are useful for customers.

We use account and contact information to respond to requests, send transactional notices, provide onboarding, deliver invoices, communicate product updates, and, where permitted, send marketing messages. You can opt out of marketing messages without affecting service notices.

We may create aggregated or de-identified statistics, benchmarks, and research from product data. We do not identify a customer, user, brand, domain, or workspace in public materials without permission or another lawful basis.

Legal bases for processing

Where GDPR, UK GDPR, India's Digital Personal Data Protection Act, or similar laws apply, we process personal data based on one or more lawful grounds, including performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of rights, security, and service integrity.

Examples of legitimate interests include providing and improving the service, securing accounts, preventing fraud or abuse, responding to requests, measuring business performance, and understanding whether website and product experiences are effective.

Where processing depends on consent, such as certain analytics, marketing communications, or non-essential cookies in some regions, you may withdraw consent at any time through the available controls or by contacting us. Withdrawal does not affect prior lawful processing.

AI prompts, outputs, and third-party models

equal AI measures public and customer-configured AI visibility signals. Prompts, domains, competitor names, and related configuration may be sent to third-party AI engines, search providers, or data providers when needed to run tracking, retrieve responses, analyze citations, or generate reports.

Customers are responsible for deciding what they configure in the platform. Do not submit sensitive personal data, payment card data, health data, government identifiers, children's data, secrets, private credentials, or regulated confidential information unless your agreement explicitly permits that use and appropriate safeguards are in place.

AI model outputs are generated by third-party systems and may be incomplete, inaccurate, biased, outdated, or non-deterministic. We process outputs to provide measurement and recommendations, but equal AI does not control the underlying third-party model behavior.

Sharing and subprocessors

We do not sell customer workspace data. We share information only as needed to operate, secure, support, bill, improve, or legally protect the service, or as directed by the customer.

We use service providers and subprocessors for cloud hosting, storage, databases, authentication, analytics, payment processing, tax and invoicing, customer support, communications, monitoring, logging, security, and product infrastructure.

Payment providers process payment data under their own security and compliance programs. Analytics providers process measurement data according to their terms and privacy settings. We require vendors to protect data and use it only for authorized purposes.

We may disclose information if required by law, subpoena, court order, governmental request, to protect rights and safety, to investigate abuse, to enforce our terms, or in connection with a merger, acquisition, financing, reorganization, or sale of assets.

International transfers

equal AI may process and store information in countries other than where you are located, including through cloud, analytics, payment, support, and communications providers. These countries may have data protection laws that differ from your jurisdiction.

Where required, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses, UK transfer mechanisms, data processing agreements, vendor due diligence, and other lawful transfer tools.

Retention and deletion

We retain personal data for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, prevent fraud, support audits, and preserve legitimate business records.

Customer workspace data is retained according to the subscription plan, order form, DPA, backup practices, and deletion requests. Backups and logs may persist for a limited period before being overwritten or deleted through normal retention cycles.

Billing, tax, invoice, security, and legal records may be retained longer where required by law or legitimate business needs. We may retain aggregated or de-identified data that no longer identifies a person or customer.

Your privacy rights

Depending on your location, you may have rights to access, correct, delete, export, restrict, object to, or withdraw consent for certain processing of your personal data. You may also have the right to complain to a data protection authority.

Workspace owners and administrators can manage users, remove access, update settings, and request export or deletion of customer data. Individual users may contact the customer that controls their workspace data or contact equal AI for help routing the request.

We may need to verify your identity and authority before fulfilling a request. Some requests may be limited by legal obligations, security needs, contractual duties, backup retention, or the rights of others.

Children and sensitive data

equal AI is a business service and is not intended for children. We do not knowingly collect personal data from children under the age required by applicable law. If you believe a child provided personal data, contact us so we can take appropriate action.

The service is not designed to process special category data, sensitive personal data, payment card numbers, passwords outside authentication flows, protected health information, or regulated financial data unless expressly agreed in writing.

Security and contact

We use administrative, technical, and organizational safeguards designed to protect personal data, including access controls, encryption in transit, cloud security controls, monitoring, backup practices, and least-privilege operational access.

No online service can guarantee absolute security. You are responsible for maintaining strong credentials, controlling workspace access, reviewing integrations, and using the service in line with your legal obligations.

For privacy requests, contact team@equalai.io. For security matters, contact team@equalai.io. For enterprise or DPA requests, contact the equal AI team through the enterprise workflow.

Changes to this policy

We may update this Privacy Policy to reflect product changes, legal requirements, vendor changes, or operational improvements. The updated date on this page indicates when the policy was last revised.

Material changes will be communicated through reasonable means, such as the website, account notices, email, or contractual notice procedures. Continued use of the service after an update means the updated policy applies.