Privacy Policy

Last updated: April 26, 2026

Template notice for the site owner

Entity details have been filled in. Before relying on this policy as binding, have a UAE-qualified attorney review it for compliance with UAE PDPL and any free-zone-specific requirements (Sharjah Media City). Delete this notice before publishing.

1. Introduction

aeofyi (“we,” “us,” or “our”), operated by KAIZUN AI LLC, registered at Sharjah Media City, Sharjah, UAE, provides an Answer Engine Optimization (AEO) audit and recommendation platform available at aeofyi.com (the “Service”). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have in relation to that information.

By creating an account or using the Service, you acknowledge the practices described in this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information you provide

  • Account information: name, email address, organisation name and email, when you sign up or update your profile.
  • Authentication identifiers: when you sign in with Google, we receive a Google account identifier and the email tied to that account through our authentication provider (Supabase Auth).
  • Audit input: the URLs and project names you submit for analysis.
  • Support requests: name, email, phone number, and any description you submit through the “Want us to fix this for you?” form on report or project pages.
  • Payment information (when paid plans are enabled): billing details are processed by Stripe and we do not store full payment card numbers on our servers. We retain a Stripe customer identifier and subscription identifier.

2.2 Information we collect automatically

  • Audit results: for each URL you submit we store the AEO score, grade, audit findings, generated FAQ schema, content rewrite suggestions, and token usage and cost metadata for that audit.
  • Scraped page content: public HTML, headings, meta tags, and a truncated text excerpt from URLs you submit. We treat this as belonging to the site you submitted; we do not republish it.
  • Usage data: pages you visit within the Service, request and response logs, and approximate IP-based location, used for analytics and security.
  • Cookies and similar technologies: we use cookies to keep you signed in and to remember your preferences. See section 7 for details.

3. How We Use Information

We use the information described above to:

  • provide, maintain, and improve the Service;
  • run audits, generate AEO recommendations, and store your scan history;
  • operate per-tier quotas and prevent abuse;
  • respond to support requests and contact you about your account;
  • send service announcements and, with your consent where required, marketing communications you can opt out of;
  • investigate fraud, abuse, or violations of our Terms of Service;
  • comply with legal obligations.

4. How We Share Information

We do not sell your personal information. We share information only with the service providers and parties listed below, each under contractual obligations to protect that information.

4.1 Sub-processors and infrastructure

  • Supabase (database, authentication, storage). Processes your account data, audit results, and session tokens. Hosted in the region of the Supabase project we operate.
  • Vercel (application hosting and edge network). Receives request logs as part of operating the front-end and API.
  • Anthropic, PBC (Claude API). The page content you submit for analysis is sent to Anthropic to generate AEO findings, FAQ schema, and content rewrites. Anthropic processes this data under its commercial terms and does not use it to train its models.
  • Google (OAuth sign-in). Used only to authenticate you when you choose “Sign in with Google.”
  • Stripe, Inc. (payments, when paid plans are enabled). Processes billing details on its own infrastructure under its privacy notice.

4.2 Legal disclosures

We may disclose information when we believe in good faith that disclosure is necessary to comply with a legal obligation, enforce our Terms of Service, protect the rights, property, or safety of aeofyi, our users, or others, or in connection with a corporate transaction such as a merger or acquisition (in which case we will notify affected users).

5. Data Retention

We retain account information and audit history for as long as your account is active. If you delete your account, we delete or anonymise your personal information within 30 days, except where we are required to retain certain records for legal, tax, or fraud-prevention purposes. Aggregated and de-identified data may be retained indefinitely.

6. Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

  • access the information we hold about you;
  • correct information that is inaccurate or incomplete;
  • request deletion of your information;
  • object to or restrict certain processing;
  • port your information to another service;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at kaizunaillc@gmail.com. We will respond within the time frame required by the applicable law.

7. Cookies

We use a small number of cookies and similar technologies. Strictly necessary cookies keep you signed in and remember your preferences (for example, theme). We do not use third-party advertising or tracking cookies. You can clear cookies in your browser at any time; doing so will sign you out of the Service.

8. Security

We use industry standard measures to protect your information, including TLS in transit, encryption at rest by our database provider, principle of least privilege for staff access, and Row Level Security policies on user-scoped data. No system is completely secure; we encourage you to use a strong, unique password and to enable two-factor authentication on your Google account.

9. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. International Transfers

Our service providers may process information in countries other than your own. By using the Service you understand and agree to the transfer of your information to the United States, the European Economic Area, India, and other locations where our providers operate, subject to appropriate safeguards required by applicable law.

11. Changes to this Policy

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent revision. If we make material changes we will notify you by email or through the Service before the changes take effect.

12. Contact

For privacy questions, requests to exercise your rights, or any other matter concerning this policy, contact us at kaizunaillc@gmail.com.