Last updated: July 2, 2026
This policy describes exactly what data Clarity Search AI collects, why, who processes it, and the rights you have over it. The short version: we collect what the product needs to run, we never store your card number, we do not sell your data or use it to train AI models, and you can see, export, or delete it by emailing us. The details follow.
This policy explains how Clarity Search AI, Inc. (Clarity, we, us) collects, uses, shares, and protects personal information when you use the Clarity Search AI platform, this website, and our free tools (together, the Service). It also explains the choices and rights you have. It does not cover third-party services you connect to the platform (like your Google or GitHub account), which have their own privacy policies, although it does describe what we access from them and why.
One distinction used throughout: content the platform retrieves from your customers or website visitors is generally data you control and we process on your behalf; data about you as our user is data we control.
Account information. When you sign up we collect your name, email address, and a password. Authentication is handled by Supabase Auth; passwords are stored only in hashed form and we never see or store them in plaintext. If you join a team, we also store your role and invitations.
Billing information. Payments are processed by Stripe. We receive and store your plan, subscription status, billing cycle, and Stripe customer and subscription identifiers. We never store your full card number; card details go directly to Stripe.
Connected-integration data. If you connect Google Analytics or Google Search Console via Google OAuth, we access reporting data such as traffic, referral, conversion, and search-performance metrics for the properties you choose, and we store the OAuth tokens needed to keep the connection alive. If you connect GitHub or a content management system (such as WordPress, Webflow, Shopify, or Framer), we access and store the connection credentials you grant, repository or site structure, and the content needed to publish on your behalf.
Your website content. To run audits, train the agent’s voice on your brand, and generate content, we crawl and store pages from the websites you register and, for free tools, from URLs you submit.
AI prompts and generated content. The questions the platform asks AI engines about your brand, excerpts of your site content, and the drafts, scores, and answers that come back are stored in your workspace so you can review them.
Support conversations. If you use in-app chat (Intercom) or email support, we keep the conversation, your contact details, and, for signed-in users, your account identifier so we can help you.
Product analytics. We use PostHog to understand how the platform is used (a curated set of named events and pageviews, tied to your user ID once you sign in) and Microsoft Clarity for aggregate session analytics. Autocapture of arbitrary page content is disabled in PostHog, and anonymous pre-login traffic is not turned into a person profile.
Marketing-site analytics and advertising. On this website (not the signed-in app) we use Google Analytics and Google Tag Manager, Microsoft Clarity, and the Meta, Reddit, and OpenAI advertising pixels to measure traffic and the results of our ads. These load only after you accept our cookie banner, and Google’s tags run cookielessly until then. When you submit a form after accepting, the advertising pixels receive a hashed (SHA-256) version of your email and company name, computed in your browser, so a conversion can be matched to a campaign; our analytics receives no personal data. See our Cookie Policy for the full list and your controls.
Marketing-site forms and free tools. If you book a demo or unlock a free tool result with your email, we send your email and the details you provide (name, company, message, the brand you checked) to Brevo, our CRM and email service. Free-tool inputs (a URL or brand name) are processed to produce your result; the AI visibility tool sends the brand name, and optional industry and competitor names, to the AI engines it queries.
Server logs. Like nearly every online service, our infrastructure logs IP addresses, browser type, requested pages, timestamps, and errors, which we use for security, debugging, and abuse prevention.
Clarity Search AI’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
In practice, for the Google Analytics and Search Console data you connect:
We use the information above to:
Where GDPR applies, our legal bases are performance of a contract (running the Service), legitimate interests (security, product improvement, defending claims), consent (marketing, analytics and advertising cookies on our site, and optional features, which you can withdraw at any time), and legal obligation. We do not sell personal information, and we do not use your content or your connected-account data to train AI models.
We share personal information only with the service providers that make the product work, under contracts that limit their use of it to providing their service to us:
| Provider | Role | Data involved |
|---|---|---|
| Supabase | Authentication, database, backend functions | Account details, hashed credentials, workspace data, integration tokens |
| Stripe | Payment processing and billing portal | Name, email, payment method (held by Stripe), subscription details |
| Intercom | In-app support messenger | Name, email, user ID, signup date, support conversations |
| PostHog | Product analytics (US-hosted) | User ID, curated product events, pageviews, device info |
| Microsoft Clarity | Session analytics (platform and marketing site) | Interaction and session data, device info |
| OpenAI | AI model provider (monitoring and generation); marketing-site advertising pixel | Prompts about your brand, site content excerpts; ad and conversion events on the marketing site |
| Meta | Advertising pixel on our marketing site | Hashed email and company name, ad interaction and conversion events |
| Advertising pixel on our marketing site | Hashed email and company name, ad interaction and conversion events | |
| Anthropic | AI model provider (agents and generation) | Prompts about your brand, site content excerpts |
| Gemini model API; GA4 / Search Console APIs you connect; PageSpeed; Analytics and Tag Manager on our marketing site | Prompts about your brand; the analytics and search data you authorize; aggregate site-usage measurement | |
| Perplexity | AI answer engine (monitoring) | Prompts about your brand |
| Firecrawl | Website crawling for audits and content extraction | URLs and public page content of sites you register or submit |
| Brevo | Transactional and marketing email, lead capture | Email, name, company, email preferences, form submissions |
| GitHub | Repository integration you connect (PRs, publishing) | Repository structure and the content we publish for you |
| Netlify | Web hosting and delivery | Server logs (IP address, requests) |
| Amazon Web Services | Agent infrastructure and secrets management | Workspace data processed by the agents, server logs |
We may also disclose information if required by law or legal process, to protect the rights, safety, or property of Clarity or others, or as part of a merger, acquisition, or asset sale (in which case this policy continues to apply to your data and we will notify you of any change of controller). Beyond the advertising pixels on our marketing site, which share only hashed identifiers to measure our own campaigns and which you can decline in our cookie banner, we do not share personal information with third parties for their own advertising.
We keep personal information for as long as your account is active and as needed to provide the Service. When you delete your account (available in the app or by emailing us), we delete or de-identify your account data, workspace content, and integration tokens within a reasonable period, except where we must keep records longer for legal, tax, billing-dispute, or security reasons (for example, invoices held by Stripe). Server logs are retained on a short rolling window. Backups age out on a fixed schedule; data deleted from production disappears from backups as they rotate.
Free-tool inputs are processed to produce your result; if you provide your email through a tool, it is retained in Brevo until you unsubscribe or ask us to delete it.
We work to protect your data with measures that include:
No online service can promise perfect security. If we learn of a breach affecting your personal information, we will notify you and the relevant authorities as required by law.
Depending on where you live (including under the GDPR in Europe and the CCPA/CPRA in California), you have the right to:
We do not sell personal information. The advertising pixels on our marketing site may count as “sharing” for cross-context behavioral advertising under some state laws; you can opt out of them by declining in our cookie banner, turning off Advertising on our Cookie settings page, or sending a Global Privacy Control signal, which we honor. To exercise any right, email support@claritysearch.ai from the address associated with your account (or, for free-tool submissions, the address you provided). We will verify the request and respond within the time required by law, and you may use an authorized agent where the law allows. If you are in the EEA or UK, you may also lodge a complaint with your local data protection authority.
We are a US-based service and our providers process data primarily in the United States (our product analytics, for example, uses PostHog’s US region). If you use the Service from outside the US, your information is transferred to and processed in the US and other countries where our providers operate. Where required, transfers from the EEA, UK, or Switzerland rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) or a provider’s participation in the EU-US Data Privacy Framework.
The Service is for business use and is not directed at children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us personal information, contact us at support@claritysearch.ai and we will delete it.
Some browsers send “Do Not Track” signals. There is no common standard for interpreting them, so the Service does not respond to DNT signals. The signed-in platform app runs no third-party advertising; our marketing site does use advertising cookies, but only after you accept them, and you can decline or change your choice at any time. Where a recognized opt-out preference signal (such as Global Privacy Control) applies under the law of your state, we honor it as an opt-out of any covered sharing.
We may update this policy as the Service and the law evolve. The “Last updated” date at the top reflects the current version. If a change materially affects how we handle personal information we already hold, we will notify you (for example by email or an in-app notice) before it takes effect.
For any privacy question or request, email support@claritysearch.ai. A human reads it, and privacy requests are routed to the person responsible for data protection.