1. Introduction
This Privacy Policy explains how Prism ("we," "our," or "us") collects, uses, stores, and protects your personal information when you use the Prism AI Visibility Tracker platform available at prismvisibility.com (the "Service"). By using the Service, you consent to the practices described in this policy.
We are committed to protecting your privacy and handling your data transparently. If you do not agree with this policy, please do not use the Service.
2. Data We Collect
We collect the following categories of information when you use the Service:
- Account Information: Your email address and password (hashed) when you register for an account
- Business Information: Business name, website URL, location, products and services, and competitor details that you provide to configure your visibility scans
- Scan Results: AI engine responses, mention data, sentiment analysis, rankings, and visibility scores generated by the Service
- Payment Information: Payment details processed securely through Razorpay. We do not store your full credit card or bank account numbers on our servers
- Usage Data: Pages visited, features used, timestamps, browser type, and device information collected automatically when you interact with the Service
3. How We Use Your Data
We use the information we collect for the following purposes:
- Providing the Service: Running visibility scans, generating reports, tracking rankings, and delivering the core functionality you signed up for
- Improving AI Analysis: Enhancing the accuracy and relevance of our query generation, mention detection, and sentiment analysis algorithms
- Sending Notifications: Communicating scan results, account updates, credit balance alerts, and important service announcements via email
- Customer Support: Responding to your inquiries and resolving issues with your account or the Service
- Analytics: Understanding how users interact with the Service to improve performance and user experience
We do not sell your personal data to third parties.
4. Third-Party Services
We rely on the following third-party services to operate and deliver the Service. Each has its own privacy policy governing how it handles your data:
- Vercel: Hosting and deployment of the Service infrastructure
- Supabase: Database storage, user authentication, and session management
- Razorpay: Secure payment processing for credit purchases. Razorpay handles and stores your payment details under its own PCI-DSS compliant environment
- AI Providers (via Vercel AI Gateway): OpenAI, Anthropic, Google, Perplexity, and xAI. Your business information is sent to these providers to generate visibility scan queries and analyze responses. We do not share your email or payment information with AI providers
- Google Analytics: Website analytics to understand traffic patterns and user behavior (Measurement ID: G-2LFBLLNR7C)
5. Cookies
The Service uses the following cookies:
- Supabase Auth Session Cookies: Essential cookies required to maintain your authenticated session. These are strictly necessary for the Service to function and cannot be disabled
- Google Analytics Cookies: Performance cookies used to collect anonymous usage statistics (Measurement ID: G-2LFBLLNR7C). These help us understand how users interact with the Service so we can improve it
You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent the Service from functioning correctly.
6. Data Retention
We retain your data according to the following policies:
- Scan Results: Kept indefinitely to provide historical visibility trends and reporting. You may request deletion at any time
- Account Data: Retained for as long as your account is active. Deleted upon request when you close your account
- Payment Records: Retained as required by applicable tax and financial regulations
- Usage and Analytics Data: Retained in aggregate, anonymized form for service improvement
7. Your Rights
You have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct any inaccurate or incomplete personal data
- Deletion: Request that we delete your personal data and close your account
- Data Export: Request a machine-readable export of your data, including scan results, business profiles, and account information
- Withdrawal of Consent: Withdraw your consent for data processing at any time, which may result in the termination of your access to the Service
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
8. GDPR Compliance
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):
- Legal Basis: We process your data based on your consent (account creation), contractual necessity (providing the Service), and legitimate interests (improving the Service and preventing fraud)
- Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format
- Right to Object: You may object to the processing of your personal data for direct marketing or profiling purposes
- Right to Restrict Processing: You may request that we limit how we use your data while a complaint or request is being resolved
- Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority
International data transfers are conducted using appropriate safeguards, including standard contractual clauses where applicable.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure password hashing and authentication via Supabase
- Access controls limiting data access to authorized personnel only
- Regular review of our security practices and third-party service configurations
While we take reasonable steps to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a notice on the Service. Your continued use of the Service after such modifications constitutes acceptance of the updated policy.
We encourage you to review this page periodically for the latest information on our privacy practices.
11. Contact
If you have any questions about this Privacy Policy or how we handle your data, please contact us: