Legal

Privacy Policy

Last updated: May 8, 2026

VisibleAI ("VisibleAI", "we", "us") provides a software-as-a-service platform that monitors how third-party AI assistants respond to publicly available, customer-defined prompts. This Privacy Policy describes what information we collect, how we use it, and the choices you have. By creating an account or using the service you agree to the practices described below.

1. Information we collect

1.1 Information you provide

  • Account information: email address, workspace name, and authentication tokens issued by our identity provider.
  • Workspace content: brand names, domains, competitor lists, and the buyer-intent prompts you configure.
  • Billing information: we use Stripe to process payments. We never see, store, or transmit full payment-card numbers; Stripe stores them under PCI DSS Level 1.
  • Communications: emails you send to support and any onboarding feedback you choose to share.

1.2 Information we generate or collect automatically

  • Visibility data: the responses we receive when running your prompts against AI providers, plus the structured analysis we extract from them (mentions, positions, sentiment, citations).
  • Usage data: standard server logs (IP address, user agent, timestamps, request paths) used to operate, secure, and debug the service.
  • Cookies and similar technologies: session cookies set by our authentication provider to keep you signed in. We do not use third-party advertising cookies.

2. How we use information

  • To deliver the core service: running your scheduled queries, computing visibility metrics, generating dashboards, and emailing weekly digests.
  • To operate the business: processing payments, providing customer support, sending transactional service notifications, preventing fraud and abuse.
  • To improve the product: analyzing aggregate, de-identified usage patterns to prioritize features and reliability work.
  • To comply with legal obligations and enforce our Terms of Service.

3. How information is shared

We do not sell personal information. We share information only as follows:

  • Service providers: we rely on the following sub-processors who process data on our behalf under written data-protection agreements:
    • Hosting & infrastructure (cloud compute, database, edge functions)
    • Authentication & application database
    • Payment processing
    • Transactional email delivery
    • AI providers we query on your behalf to generate visibility data
  • Compliance and safety: when required by law, valid legal process, or to protect the rights, safety, and property of VisibleAI, our users, or the public.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality and continued protection under this Policy.

4. Your prompts and outputs

The prompts you configure are sent to third-party AI providers in order to generate the visibility data you've requested. We choose providers carefully and rely on their commercial terms, which generally prohibit training on API content. We do not knowingly include personally identifiable information in prompts; you are responsible for the content of the prompts you create. Outputs returned by AI providers are stored in your workspace and are visible only to authenticated members of that workspace.

5. Data retention

  • Visibility runs are retained according to your plan's history window (30, 90, or 365 days). Older runs are automatically deleted.
  • Account, workspace, and billing records are retained for as long as your account is active and for a reasonable period thereafter to satisfy legal, accounting, and reporting obligations.
  • Server logs are retained for up to 90 days for security and reliability investigations.

6. Security

We use industry-standard safeguards including TLS in transit, encryption at rest, row-level authorization on customer data, scoped service credentials, and least-privilege access for operators. No system is perfectly secure; if you believe your account has been compromised, please contact security@visibleai.us immediately.

7. Your choices and rights

  • Access, correction, deletion: you can edit or delete brands, queries, and runs directly in the dashboard. To request a full export or deletion of your account, email privacy@visibleai.us.
  • Marketing email: we do not currently send marketing email. Transactional emails (digest reports, billing notifications, security alerts) cannot be unsubscribed from while you have an active account.
  • Cookies: you can clear cookies in your browser, but doing so will sign you out of the service.
  • Regional rights: depending on your location (e.g., EEA, UK, California), you may have additional rights such as portability, objection, and the right to lodge a complaint with a supervisory authority.

8. International transfers

VisibleAI is operated from the United States. If you access the service from outside the United States, your information will be transferred to and processed in the United States and other jurisdictions where our service providers operate. Where required, transfers rely on standard contractual clauses or other appropriate safeguards.

9. Children

VisibleAI is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes we will notify active customers via email or an in-app notice prior to the change taking effect.

11. Contact

Questions about this policy? Email privacy@visibleai.us. For security reports use security@visibleai.us.