Privacy Policy

Last Updated

June 11, 2026

AEO Goal Inc. (“AEO Goal,” “we,” “us,” or “our”) provides AI citation tracking, answer engine optimization analytics, content optimization, reporting, and related software services. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you visit our websites, create an account, use the platform, connect third-party integrations, or contact us.

Information We Collect

Account and organization data

• Name, work email, password credentials, verification status, and support contact details.
• Company name, website, role, team membership, organization settings, and plan information.
• Security settings such as MFA status, active sessions, API key metadata, and audit events.

Customer content and analytics data

• Brands, competitors, prompts, keywords, tracked domains, markets, personas, and content briefs.
• AI search results, citations, rankings, backlink metrics, site-crawl findings, reports, and tasks.
• Generated drafts, uploaded brand-voice documents, publishing settings, and user instructions.

Connected services

If you connect Google Search Console, Google Analytics, Google Drive, GitHub, Notion, Bing Webmaster Tools, an MCP client, or another integration, we collect the account identifiers, OAuth tokens, scopes, files, metrics, and events needed to provide that integration. You can disconnect supported integrations in the product settings.

Billing, usage, and device data

• Billing contact, plan, invoices, and payment status. Card details are handled by Stripe.
• Usage counts, feature interactions, error logs, security signals, IP address, browser type, and device information.
• Support messages, demo requests, survey responses, and sales communications.

How We Use Information

• Provide, secure, monitor, and improve the AEO Goal platform.
• Run AI citation checks, SEO audits, reports, alerts, exports, publishing workflows, and integrations.
• Authenticate users, enforce tenant isolation, prevent abuse, investigate incidents, and audit security events.
• Process subscriptions, trials, invoices, payments, taxes, and account administration.
• Respond to support requests and send service, security, billing, and product notices.
• Analyze aggregate usage and product performance without identifying individual customers where practical.
• Comply with legal obligations, enforce agreements, and protect AEO Goal, customers, and the public.

Legal Bases for EU, EEA, and UK Processing

Where GDPR or UK GDPR applies, we process personal information based on contract necessity, legitimate interests in operating and securing a B2B SaaS product, consent where required, and legal obligations. Customers act as controllers for personal information they submit about their users, employees, customers, or prospects, and AEO Goal acts as processor for that Customer Personal Data under our Data Processing Addendum.

How We Share Information

We do not sell personal information. We may disclose information to service providers and subprocessors that host, secure, monitor, email, bill, store, or process platform data; third-party integrations you authorize or configure; professional advisers, auditors, insurers, and legal authorities where required or appropriate; and successors in a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards.

We do not use Customer Content to train general-purpose foundation models unless a customer has separately agreed to that use in writing.

Cookies and Similar Technologies

We use essential cookies and local storage for authentication, security, session continuity, preferences, and product operation. If we deploy optional analytics, advertising, or cross-site tracking technologies that require consent, we will provide the required notices and choices.

Security

We use administrative, technical, and organizational safeguards designed for a multi-tenant SaaS product, including encryption in transit, access controls, audit logging, scoped credentials, secure authentication, monitoring, and vendor due diligence. No internet service can be guaranteed completely secure, but we work to reduce risk and investigate suspected security incidents promptly.

Retention

We retain personal information for as long as needed to provide the services, comply with legal and accounting obligations, resolve disputes, preserve security records, and enforce agreements. Customers may export or request deletion of account data from the product where available. Some logs, backups, invoices, fraud-prevention records, and audit events may be retained for a limited period after deletion where required or justified.

International Transfers

We may process and store information in the United States and other jurisdictions where we or our service providers operate. Where required, we use appropriate transfer mechanisms such as Standard Contractual Clauses or other lawful safeguards.

Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete, restrict, export, or object to processing of your personal information, and to opt out of marketing communications. California residents may also have rights to know, delete, correct, limit use of sensitive personal information, and opt out of sale or sharing. We do not sell personal information or share it for cross-context behavioral advertising.

Submit privacy requests to privacy@aeogoal.com. We may need to verify your identity and, for data controlled by an AEO Goal customer, may direct the request to that customer.

Children

AEO Goal is a business service and is not directed to children under 16. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the service, by email, or by another reasonable method.

Contact

For privacy questions or requests, email privacy@aeogoal.com. For legal notices, email legal@aeogoal.com.