Privacy Policy

ConduitScore, Inc. (“ConduitScore,” “we,” “us,” or “our”) operates the website conduitscore.com and the ConduitScore AI visibility audit platform (collectively, the “Service”). This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding that data.

By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Service.

2.1 Information You Provide

• Account data: Email address when you register or sign in via magic link or Google OAuth.
• Payment data: Billing information is processed by Stripe. We do not store full card numbers.
• URLs you scan: Website URLs you submit for AI visibility audits.
• Support communications: Any messages you send us.

2.2 Information Collected Automatically

• Usage data: Pages visited, features used, scan frequency, and interaction logs.
• Technical data: IP address, browser type, operating system, referral URLs, and device identifiers.
• Cookies and tracking technologies: See our Cookie Policy.

We use your personal data to:

• Provide, operate, and improve the Service
• Process payments and manage your subscription
• Send transactional emails (magic links, receipts, scan notifications)
• Send product updates and marketing communications (with your consent, opt-out available)
• Analyze usage to improve features and performance
• Prevent fraud, abuse, and security incidents
• Comply with legal obligations

For users in the European Economic Area, we process data under the following legal bases:

• Contract performance: To deliver the Service you signed up for.
• Legitimate interests: Analytics, security, and product improvement.
• Consent: Marketing emails and non-essential cookies.
• Legal obligation: Tax, fraud prevention, and regulatory compliance.

We do not sell your personal data. We may share data with:

• Service providers: Stripe (payments), Resend (email), Vercel (hosting), Neon (database), Supabase (analytics/state).
• Analytics providers: Aggregated, de-identified usage data.
• Law enforcement: When required by applicable law or court order.
• Business transfers: In the event of a merger, acquisition, or asset sale.

We retain your account data for as long as your account is active or as needed to provide the Service. Scan results are retained for 12 months on free plans and 24 months on paid plans. You may request deletion at any time by contacting us.

Depending on your location, you may have the right to:

• Access, correct, or delete your personal data
• Object to or restrict processing
• Data portability (receive your data in a structured format)
• Withdraw consent at any time
• Lodge a complaint with your local data protection authority

To exercise these rights, email us at privacy@conduitscore.com.

We use cookies and similar technologies. See our Cookie Policy for details on what cookies we use and how to control them.

We implement industry-standard security measures including HTTPS encryption, AES-256 encryption for sensitive vault data, and regular security reviews. However, no method of transmission over the Internet is 100% secure.

The Service is not directed to children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us immediately.

Your data may be transferred to and processed in countries other than your own. When transferring data from the EEA, we use Standard Contractual Clauses or other approved mechanisms.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Continued use after the effective date constitutes acceptance of the revised policy.

For privacy-related questions, contact us at: