Privacy Policy

ContentCraftPro ("we", "us", "our") provides AI visibility audits and related reports to businesses. This page explains what we collect, how we use it, and the choices you have. Plain English.

1. What we collect

Information you give us

• Account and order info: name, email, business name, website URL, city, category. Submitted when you request a free scan or order a Deep Audit.
• Payment info: processed by PayPal. We do not store your card number. We receive a transaction ID and the last four digits.
• Communications: email replies, support messages and feedback you send us.

Information we collect automatically

• Public website data: pages of your site we fetch for audit purposes (HTML, schema, images, Lighthouse metrics).
• Public Google Business Profile data: name, category, reviews, photos, hours.
• Anonymous usage data: privacy-respecting analytics (Cloudflare Web Analytics) covering page views, referrer and country. No cookies, no fingerprinting, no IPs stored.

Information we generate

• AI query results: outputs from ChatGPT, Claude, Perplexity and Google AI Overviews based on queries we run about your category and city.
• Your audit report: the PDF and underlying data files we prepare for you.

2. How we use it

• To produce, deliver and improve your report.
• To process payments and issue refunds.
• To respond to your messages and provide support.
• To send transactional emails about your order. No marketing email unless you opt in.
• To detect, prevent and address fraud or abuse.
• To comply with legal obligations.

3. Subprocessors we share with

We use the following providers to deliver the service. Each receives only the data needed for its narrow function.

• PayPal: payment processing.
• Cloudflare: hosting, DNS, CDN, analytics.
• Anthropic, OpenAI, Perplexity, Google: AI engines we query to test your visibility.
• SerpAPI: search-engine result data.
• Google PageSpeed and Lighthouse: public performance metrics for your site.
• Resend or Postmark: transactional email delivery.
• n8n: workflow automation (self-hosted).
• Google Workspace: internal collaboration on report drafts.

We do not sell, rent or trade your data with anyone, ever.

4. How long we keep it

• Order and billing records: 7 years (tax and accounting law).
• Audit reports and supporting data: 24 months after delivery, then deleted unless you ask us to keep them longer.
• Free-scan submissions: 12 months, then deleted.
• Email correspondence: 3 years.

5. Your rights

Wherever you live, you can ask us to:

• Access a copy of your data.
• Correct anything that is wrong.
• Delete your data (subject to legal retention obligations above).
• Export your data in a portable format (JSON or PDF).
• Object to or restrict certain processing.
• Withdraw consent at any time.

If you are in the EU or UK, you have rights under GDPR. In California, under CCPA and CPRA. In Israel, under the Privacy Protection Law. Email edgar@contentcraftpro.com with subject "Data Request" and we'll respond within 5 business days (30 days max for complex requests).

6. Security

We use TLS 1.3 in transit, encrypted storage at rest, scoped API keys and access controls limited to the small team that needs them. No system is 100% secure. We'll notify you within 72 hours of becoming aware of any breach that affects your data.

7. Children

ContentCraftPro is a B2B service. We do not knowingly collect data from anyone under 16.

8. International transfers

Our infrastructure is global (Cloudflare). Data may be processed in the US, EU or other Cloudflare regions. We rely on Standard Contractual Clauses where required.

9. Cookies and tracking

This site uses zero advertising cookies and zero third-party tracking. Cloudflare Web Analytics is cookie-free and IP-less. If we ever change this, we'll update this page and post a notice.

10. Changes to this policy

If we materially change this policy, we'll update the "Last updated" date and, for active customers, send an email. Continued use after changes means acceptance.