VisibilityKit
Sign Up

Privacy Policy

How we protect your data

Last updated: May 12, 2026

1. Introduction

VisibilityKit ("we," "our," or "us") is operated by SevenHills Software. We run the VisibilityKit platform, an AI Engine Optimization (AEO) service that tracks how often your brand is cited by AI assistants when your buyers ask category questions across ChatGPT, Perplexity, Gemini, Claude, Google AI Overviews, Copilot, Grok, DeepSeek, and Meta AI.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over it. By using VisibilityKit, you agree to the practices described here.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account.
  • Business Information: Company name, website URL, brand names, and the keywords or queries you want tracked.
  • Payment Information: Billing address and payment details. Payments are processed by Lemon Squeezy. We do not store full card numbers on our servers.
  • Communication Data: Messages you send us through our contact form, email, or support channels.

2.2 Information We Collect Automatically

  • Usage Data: Pages you visit, features you use, audit history, and interaction patterns within the platform.
  • Device Information: Browser type, operating system, and device identifiers.
  • Log Data: IP address, access times, and referring URLs.
  • Cookies and Analytics Events: We use cookies and PostHog event capture to understand how the product is used. See our Cookie Policy for details.

2.3 Information from Third Parties

  • AI Platform Responses: When we run an audit for you, we query public interfaces of AI platforms (ChatGPT, Perplexity, Gemini, Claude, Google AI Overviews, Copilot, Grok, DeepSeek, and Meta AI) using your brand and keyword strings. The responses we receive back are stored against your account so we can detect citations and report visibility.
  • Analytics Providers: Aggregated usage and performance data from PostHog and our hosting provider.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our AI visibility tracking service.
  • Generate audits and insights about your brand's presence across the nine AI platforms we monitor.
  • Send you notifications about audit results, alerts, and account activity.
  • Process payments and manage your subscription.
  • Respond to your inquiries and provide customer support.
  • Send marketing communications, where you have consented or where the law allows it.
  • Analyze usage patterns to improve performance and product design.
  • Detect, prevent, and address technical issues, fraud, or security threats.
  • Comply with legal and tax obligations.

4. How We Share Your Information

We share your information only with the parties listed below, and only to the extent needed to run the service.

4.1 Service Providers

  • Supabase: Database and authentication.
  • Lemon Squeezy: Payment processing, subscription billing, and tax handling.
  • Vercel: Application hosting and content delivery.
  • PostHog: Product analytics, including cookie-based session data and event capture.
  • AI providers (OpenAI, Anthropic, Google, xAI, Perplexity, and others): We send public brand, keyword, and query strings to their public interfaces on your behalf to detect citations. We do not send your account email, billing details, or other personal data to these providers.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or a valid governmental request, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

If SevenHills Software or VisibilityKit is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you and update this policy if that happens.

We do not sell your personal information to third parties.

5. Data Retention

We keep your personal information for as long as your account is active or as needed to provide the service. Specifically:

  • Account data: Kept while your account is active. Deleted within 30 days of account closure.
  • Audit history: Kept for 12 months so we can show trend analysis and historical visibility.
  • Payment records: Kept for 7 years for tax and legal compliance.
  • Log data: Kept for 90 days for security and debugging.

6. Your Rights (GDPR)

If you are located in the European Economic Area (EEA) or the UK, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data (the "right to be forgotten").
  • Right to Restrict Processing: Ask us to limit how we use your data.
  • Right to Data Portability: Receive your data in a common, machine-readable format.
  • Right to Object: Object to certain types of processing, including direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where we rely on consent as the legal basis.

To exercise these rights, email us at privacy@visibilitykit.com. We will respond within 30 days.

7. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect about you.
  • Request deletion of your personal information.
  • Opt out of the sale of your personal information. We do not sell personal information.
  • Not be discriminated against for exercising your privacy rights.

To make a request, email us at privacy@visibilitykit.com.

8. Cookies and Tracking

We use cookies and similar technologies to keep you signed in, remember your settings, and understand how the product is used. Categories include:

  • Essential cookies: Required for the platform to function, such as authentication and session management.
  • Analytics cookies: Set by PostHog so we can see how visitors use our site and product.
  • Preference cookies: Remember your settings and choices.

You can control cookies through your browser settings. For full details, see our Cookie Policy.

9. Third-Party Services

Our service depends on several third-party providers. When you use VisibilityKit, your data may be processed by:

  • Lemon Squeezy: Handles payment data, invoices, and sales tax. Their handling is governed by Lemon Squeezy's Privacy Policy.
  • Supabase: Stores your account, audit data, and authentication state.
  • Vercel: Hosts the application and serves it through a global CDN.
  • PostHog: Captures product analytics events and session data.
  • AI Platforms (ChatGPT, Perplexity, Gemini, Claude, Google AI Overviews, Copilot, Grok, DeepSeek, Meta AI): We query their public interfaces on your behalf using brand, keyword, and query strings you have configured. We do not share your personal account data with them.

Use of VisibilityKit is also governed by our Terms of Service.

10. Data Security

We use technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using TLS, and encryption at rest provided by our database and hosting providers.
  • Role-based access controls and authentication requirements.
  • Internal employee training on data protection.
  • Logging and monitoring of access to production systems.

No method of transmission over the Internet is fully secure. We cannot guarantee absolute security, but we work to keep your data safe and to respond quickly if something goes wrong.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States, where SevenHills Software and several of our service providers operate. Where required, we rely on Standard Contractual Clauses or other approved safeguards for transfers from the EEA and the UK.

12. Children's Privacy

VisibilityKit is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has given us personal information, contact us at privacy@visibilitykit.com and we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and update the "Last updated" date at the top. For significant changes, we will also notify account holders by email.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please reach out:

For GDPR-related inquiries, you may also contact your local data protection authority.