Legal

Privacy Policy

Effective date: June 05, 2026 · Last updated: June 05, 2026

1. Introduction

This Privacy Policy explains how AEO Juice LLC (“AEO Juice,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you use aeojuice.com and our related services (the “Service”). It should be read together with our Terms of Service.

For European Economic Area, United Kingdom, and similar users, AEO Juice is the “controller” of the personal data described here, except where we process data on behalf of a customer (see “When we act for our customers” below).

2. Information We Collect

2.1 Information you give us

  • Free-report details: the website URL you submit and your email address.
  • Account details: your name, email, and authentication information, handled through our identity provider.
  • Billing details: your billing name and a payment method, collected and stored by our payment processor (we do not store full card numbers).
  • Content and configuration: websites and pages you ask us to analyze or publish to, brand-voice samples, tone preferences, product and promotion descriptions, competitor URLs, and connection authorizations (scoped tokens or API keys) for platforms you control.
  • Communications: messages you send us, including development or support requests.

2.2 Information we collect automatically

  • Usage and device data: such as approximate location, browser type, pages viewed, and actions taken.
  • Network identifiers: we derive a hashed value from your IP address for rate-limiting and abuse prevention; we generally store this in hashed form rather than as a raw IP address.
  • Cookies and similar technologies: used for sessions, security, and basic analytics. See “Cookies” below.

2.3 Information from third parties

We receive limited information from our payment processor (such as charge status), our identity provider (authentication events), and connected platforms you authorize (to publish content or apply fixes).

3. How We Use Information

We use personal information to:

  • Provide, operate, and maintain the Service, including generating reports, scores, content, fixes, and visibility tracking;
  • Create and manage your account and authenticate you;
  • Process payments, manage subscriptions, and send invoices and receipts;
  • Send service emails (such as report-ready notices, welcome messages, and billing notices) and, where permitted, occasional product updates;
  • Enforce rate limits, detect and prevent abuse, fraud, and security incidents;
  • Generate AI outputs using your inputs (for example, synthesizing a brand-voice profile from samples you provide);
  • Analyze and improve the Service; and
  • Comply with law and enforce our agreements.

4. Legal Bases (EEA/UK Users)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

  • Contract: to provide the Service you request and manage your account and billing.
  • Legitimate interests: to secure the Service, prevent abuse, and improve our product, balanced against your rights.
  • Consent: for non-essential cookies and any marketing emails, which you can withdraw at any time.
  • Legal obligation: to retain certain billing and transaction records.

5. AI Processing

Some features send your inputs (such as report data, content briefs, or brand-voice samples) to AI providers to generate outputs. We log the fact and cost of these AI calls for accounting purposes. We do not use this data to train our own foundation models, and we contract with AI providers on terms intended to prevent your inputs from being used to train their models; however, each provider’s handling is governed by its own terms. Do not submit sensitive personal information in free-text fields.

6. How We Share Information

We do not sell your personal information. We share it only as follows:

  • Service providers / sub-processors that help us run the Service, under contracts that limit their use of the data (see the table below);
  • Connected platforms you authorize, in order to publish content or apply fixes you request;
  • Legal and safety: to comply with law, enforce our Terms, or protect rights, safety, and property; and
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to this Policy.

Key sub-processors

ProviderPurpose
VercelApplication hosting
NeonDatabase (Postgres)
UpstashCaching and rate limiting
CloudflareDNS, email routing, security
BrevoTransactional and notification email
StripePayment processing and billing
ClerkAuthentication and account management
Anthropic, OpenAI, PerplexityAI content and visibility analysis
Google PageSpeed InsightsPerformance measurement

This list may change as our providers do; the current list is available on request.

7. International Data Transfers

We and our providers may process personal data in the United States and other countries that may not offer the same level of protection as your home country. Where we transfer personal data out of the EEA or UK, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or equivalent mechanisms.

8. Data Retention

We keep personal data for as long as needed to provide the Service and for legitimate business and legal purposes. In particular:

  • Report results and lead records may be retained on an ongoing basis to support history, trends, and account features; report screenshots may age out sooner.
  • Billing and transaction records are retained as required by law and accounting needs.
  • Anonymous report links expire after a limited period, though underlying data may be retained.

You may ask us to delete or anonymize your personal data; we will honor such requests subject to records we are required or permitted to keep by law (for example, billing records and certain audit logs).

9. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, or port your personal data; to object to or restrict certain processing; and to withdraw consent. To exercise these rights, contact us using the details below. We will respond as required by applicable law and will not discriminate against you for exercising them.

9.1 EEA/UK users

You have the rights described above under the GDPR/UK GDPR and may lodge a complaint with your local data protection authority.

9.2 California users (CCPA/CPRA)

California residents may request disclosure, deletion, and correction of personal information and may opt out of any “sale” or “sharing” of personal information. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. You may exercise these rights using the contact details below.

10. When We Act for Our Customers

When an agency or other customer uses the Service for the benefit of their own clients, that customer is responsible for the personal data in the websites and content they submit and direct us to process, and acts as the controller of that data. In those cases we act as a processor and handle the data on the customer’s instructions. If you are an end user whose data is processed because a customer uses our Service, please contact that customer to exercise your rights; we will assist them as required.

11. Cookies and Similar Technologies

We use only cookies and similar technologies that are strictly necessary to operate the Service, such as those that keep you signed in and protect security. We do not use advertising cookies or third-party advertising trackers. If we introduce non-essential cookies or analytics in the future, we will update this section and, where required, request your consent. You can control cookies through your browser settings, though disabling strictly necessary cookies may affect functionality.

12. Security

We use technical and organizational measures designed to protect personal data, including encryption of stored credentials and access controls. We connect to your platforms only through scoped, revocable tokens or API keys — never your hosting, server, FTP, or root passwords. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Children

The Service is not directed to children, and you must be at least 18 to use it. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

14. Changes to This Policy

We may update this Policy from time to time. We will revise the “Last updated” date and, for material changes, provide additional notice where appropriate. Your continued use of the Service after changes take effect means you accept the revised Policy.

15. Contact Us

For privacy questions or to exercise your rights, contact us at support@aeojuice.com.