Echo Rank

Privacy Policy

Last updated: February 9, 2025

Echo Rank ("we," "our," or "us") operates the echorank.ai website and the app.echorank.ai platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect information through our authentication provider, Clerk. This may include:

  • Name and email address
  • Profile picture (if provided via OAuth)
  • Authentication credentials and session tokens
  • OAuth provider identifiers (Google, GitHub, or other connected accounts)

1.2 Usage Data

We automatically collect certain information when you interact with the Service, including:

  • Pages and features you access
  • Domains and queries you track
  • IP address, browser type, and device information
  • Referring URL and pages visited
  • Timestamps and interaction patterns

1.3 Business Data

To provide our Generative Engine Optimization service, we collect and process:

  • Domain names and URLs you submit for tracking
  • Search queries and keywords you monitor
  • AI citation data from third-party AI platforms (ChatGPT, Claude, Perplexity, Gemini, AI Overviews, Copilot)
  • Content analysis metrics and scores
  • Competitor domain information

1.4 Payment Information

Payment processing is handled by Stripe. We do not store your credit card number, bank account details, or other sensitive financial information on our servers. Stripe collects and processes payment data in accordance with their Privacy Policy. We receive and store only:

  • Stripe customer and subscription identifiers
  • Billing plan and subscription status
  • Last four digits of your payment card (for display purposes)
  • Billing address (if provided)

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: To operate, maintain, and provide the features and functionality of the Service, including tracking AI citations, generating optimization scores, and delivering reports
  • Account management: To create and manage your account, process transactions, and send account-related communications
  • Analytics and improvement: To understand how users interact with the Service, identify trends, and improve the user experience
  • Communication: To send product updates, feature announcements, weekly reports, and respond to your inquiries
  • Security: To detect, prevent, and address technical issues, fraud, and unauthorized access
  • Legal compliance: To comply with applicable laws, regulations, and legal processes

3. Third-Party Services

We integrate with the following third-party services to operate the platform. Each service processes data in accordance with its own privacy policy:

ClerkAuthentication and user managementPrivacy Policy
StripePayment processing and subscription managementPrivacy Policy
SupabaseDatabase hosting and data storagePrivacy Policy
Google Analytics & Google Tag ManagerWebsite analytics and usage trackingPrivacy Policy
OpenAI APIQuerying ChatGPT for citation trackingPrivacy Policy
Anthropic APIQuerying Claude for citation trackingPrivacy Policy
Google AI APIQuerying Gemini and AI Overviews for citation trackingPrivacy Policy
Exa APIWeb content analysis and social mention trackingPrivacy Policy

We send only the queries and domain data necessary to perform citation checks to these AI APIs. We do not transmit your personal account information (email, name, payment details) to AI providers.

4. Data Storage and Security

Your data is stored in Supabase-hosted PostgreSQL databases. We implement industry-standard security measures including:

  • Encryption in transit (TLS/SSL) for all data transfers
  • Encryption at rest for stored data
  • Row-level security policies on database tables
  • Secure authentication via Clerk with support for multi-factor authentication
  • Regular security audits and dependency updates

While we strive to protect your information, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security of your data.

5. Data Retention

We retain your data as follows:

  • Account data: Retained for the duration of your account and deleted within 30 days of account closure, unless required for legal obligations
  • Citation and analytics data: Retained for the duration of your subscription to provide historical reporting and trend analysis
  • Payment records: Retained as required by tax and financial regulations (typically 7 years)
  • Server logs: Automatically deleted after 90 days

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Service. For detailed information about the cookies we use and your choices, please see our Cookie Policy.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data under applicable laws including the General Data Protection Regulation (GDPR) and similar legislation:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing: Request that we limit the processing of your data
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format
  • Right to object: Object to processing of your personal data for certain purposes
  • Right to withdraw consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at support@echorank.ai. We will respond to your request within 30 days.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our service providers, including Supabase, Clerk, and Stripe, may process data in the United States and other jurisdictions. Where required, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in compliance with applicable data protection laws.

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Echo Rank

Email: support@echorank.ai

Website: echorank.ai