Privacy Policy

1. Introduction

Welcome to Aura™ GEO Audit ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our Generative Engine Optimization audit tool at aurareport.ai.

By using Aura™, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

• Domain Name: Your website URL (public information, not PII)
• Business Name: Your company or organization name (public information)
• Industry Keywords: Keywords describing your business (user-provided, non-sensitive)
• Email Address: Provided voluntarily for report delivery (PII, stored encrypted)
• Survey Responses: Optional feedback on report accuracy (anonymized)

2.2 Automatically Collected Information

• Usage Data: Pages visited, time spent, browser type (via Google Analytics)
• Device Information: Device type, operating system, screen resolution
• IP Address: Anonymized for analytics and fraud prevention
• Cookies: Essential cookies for site functionality (see Cookie Policy below)

2.3 Generated Report Data

• Audit Scores: AVS, GAS, Authority scores (stored for baseline tracking)
• Report Content: All sections of your generated GEO audit
• Report URL: Unique identifier and shareable link
• View Count: Number of times your report has been accessed

3. How We Use Your Information

We use collected information for the following purposes:

• Provide Services: Generate your GEO audit report and deliver results
• Send Reports: Email your audit report if you provided an email address
• Improve Accuracy: Use anonymized audit data to refine our AI algorithms
• Elite Notifications: Send congratulatory emails to high performers (90+ scores)
• Baseline Tracking: Store previous reports to show score deltas on re-scans
• Analytics: Understand how users interact with our tool to improve UX
• Fraud Prevention: Detect and prevent abuse, spam, or malicious activity
• Legal Compliance: Comply with applicable laws and regulations

4. Data Storage and Security

4.1 Storage Locations

• Browser LocalStorage: Report data cached locally on your device (Phase 1)
• Netlify Forms: Email addresses and form submissions (encrypted at rest)
• Google Gemini API: Temporary processing only (not stored by Google)
• Render Cloud: Static site hosting (encrypted in transit via HTTPS)

4.2 Security Measures

• All data transmitted via HTTPS (TLS 1.3)
• Email addresses encrypted at rest
• API keys stored as environment variables (never in code)
• Regular security audits and updates
• Access controls and authentication for admin functions

4.3 Data Retention

• Report Data: Stored indefinitely to maintain unique URLs and baseline comparisons
• Email Addresses: Stored until you request deletion or unsubscribe
• Survey Responses: Anonymized immediately and stored for algorithm improvement
• Analytics Data: Retained for 26 months (Google Analytics default)

5. Data Sharing and Third Parties

5.1 We Share Data With:

• Google Gemini API: Domain, business name, keywords for AI analysis (not stored by Google)
• Netlify: Form submissions for email delivery (GDPR compliant)
• Google Analytics: Anonymized usage data for analytics (GDPR mode enabled)
• Render: Hosting provider (SOC 2 compliant)

5.2 We Do NOT:

• Sell your personal information to third parties
• Share your email with marketers or advertisers
• Use your data for purposes other than stated in this policy
• Track you across other websites (no cross-site tracking)

6. Your Rights (GDPR & CCPA)

You have the following rights regarding your personal data:

• Access: Request a copy of all data we have about you
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing of your data for specific purposes
• Restriction: Request restriction of processing under certain conditions
• Withdraw Consent: Withdraw consent at any time (doesn't affect prior processing)

To exercise any of these rights, email us at: privacy@oneclickgeo.com

7. Cookies and Tracking

We use the following types of cookies:

7.1 Essential Cookies

• LocalStorage for report caching (required for baseline tracking feature)
• Session cookies for form state (temporary, deleted when you close browser)

7.2 Analytics Cookies

• Google Analytics (_ga, _gid) - tracks site usage (anonymized IP)
• You can opt-out at: Google Analytics Opt-out

We do not use advertising cookies or tracking pixels.

8. Children's Privacy

Aura™ is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@oneclickgeo.com and we will delete it.

9. International Data Transfers

Your data may be transferred to and processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place (Standard Contractual Clauses) to protect your data in accordance with this privacy policy and applicable laws.

10. Changes to This Policy

We may update this Privacy Policy periodically. The "Last Updated" date at the top of this page indicates when the policy was last revised. Significant changes will be communicated via email (if you provided one) or a notice on our website. Continued use of Aura™ after changes constitutes acceptance of the updated policy.

11. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at: