logo
ShowYourBrand

Privacy Policy

Last updated: February 17, 2026

1. Introduction

ShowYourBrand ("we," "our," or "us") operates the ShowYourBrand platform, a Generative Engine Optimization (GEO) audit service that analyzes how brands are represented and cited by AI search engines including ChatGPT, Claude, Perplexity, and DeepSeek.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, visit our website at ShowYourBrand, or interact with our services. By using our Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account Information

  • Name and email address when you create an account or join our waitlist
  • Password (stored as a bcrypt hash, never in plaintext)
  • Language preference (English or French)
  • Subscription tier and billing status

2.2 Business & Audit Data

  • Website URLs you submit for GEO analysis (primary URL and sub-pages)
  • Competitor URLs you provide for comparison (up to 5 per audit)
  • Business category and industry information
  • Audit results including GEO Health Scores, AI citation data, and recommendations
  • HTML scan results (schema.org data, meta tags, heading structure, keyword analysis)

2.3 Payment Information

  • Payment details are processed exclusively through Stripe and never stored on our servers
  • We store only your Stripe Customer ID for subscription management

2.4 Usage & Technical Data

  • Browser type, device information, and operating system
  • IP address and approximate geographic location
  • Pages visited, features used, and interaction patterns
  • Referral source and session duration

2.5 Waitlist Data

  • Email address provided during waitlist registration
  • Survey responses (how you found us, GEO experience level, budget range)

3. How We Use Your Information

  • Provide, operate, and maintain our GEO audit and analysis services
  • Process payments and manage your subscription
  • Generate GEO Health Score reports, competitor analyses, and optimization recommendations
  • Send audit results, PDF reports, and actionable recommendations
  • Improve our AI analysis algorithms and platform features
  • Communicate service updates, new features, and platform news
  • Respond to support requests and provide customer assistance
  • Detect and prevent fraudulent activity or abuse of our Service
  • Comply with legal obligations and enforce our Terms of Service

4. Data Security

We take data security seriously and implement industry-standard measures including:

  • SSL/TLS encryption for all data transmission between your browser and our servers
  • AES-256-GCM encryption for sensitive data at rest in our database
  • Bcrypt password hashing (never stored in plaintext)
  • Secure payment processing through Stripe (PCI DSS Level 1 compliant)
  • JWT-based authentication with secure session management
  • Regular security audits and dependency vulnerability scanning
  • Input sanitization to prevent injection attacks (XSS, SQL injection, MongoDB operators)

5. Data Retention

We retain your data for as long as your account is active or as needed to provide our services:

  • Account data: Retained until you request account deletion
  • Audit reports and results: Stored for 12 months from generation date
  • PDF reports: Stored in secure cloud storage (Vercel Blob) for the retention period
  • Waitlist data: Retained until platform launch or upon your request for deletion
  • Payment records: Retained as required by applicable tax and accounting laws (minimum 6 years in France)

You may request deletion of your personal data at any time by contacting us. Note that we may retain certain data as required by law or for legitimate business purposes.

6. Third-Party Services

We use the following third-party services to operate our platform:

  • Stripe — Payment processing (PCI DSS Level 1 compliant)
  • MongoDB Atlas — Database hosting (SOC 2 Type II certified)
  • Vercel — Application hosting and deployment
  • Resend — Transactional email delivery
  • OpenAI API — ChatGPT analysis for GEO audits
  • Anthropic API — Claude analysis for GEO audits
  • Perplexity API — Perplexity analysis for GEO audits
  • DeepSeek API — DeepSeek analysis for GEO audits
  • Google OAuth — Optional social login provider

Each third-party service has its own privacy policy governing how it handles your data. We encourage you to review their respective policies.

7. International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA), including the United States (for AI API providers and cloud hosting). Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR) and applicable French data protection law, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@ShowYourBrand. We will respond within 30 days as required by GDPR.

You also have the right to lodge a complaint with the French data protection authority (CNIL — Commission Nationale de l'Informatique et des Libertés) at www.cnil.fr.

9. Cookies & Tracking

We use essential cookies required for the platform to function properly (authentication, session management, language preferences). We do not use third-party advertising cookies. We may use analytics cookies to understand how our platform is used — you can opt out at any time.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will also notify you by email.

12. Contact Us

For privacy-related inquiries or to exercise your data rights:

  • Email: privacy@ShowYourBrand
  • General support: support@ShowYourBrand.com
  • Website: ShowYourBrand
© 2026 ShowYourBrand. All rights reserved.