Privacy Policy

Last updated: April 28, 2026 · Written by Connor Whitlock, Founder, Cited Digital

This privacy policy explains what data Cited Digital collects, how we use it, and how to exercise your rights. Written in plain English by a real person. Questions? Email contact@citeddigital.co.

What We Collect

When you run a free audit: We collect the URL you submit. We do not collect personal information from free audits unless you submit the contact form.

When you purchase a report: Stripe (our payment processor) collects your email address, name, and payment information. We receive your email and the website URL. We do not store credit card numbers — Stripe handles all payment data.

When you fill out the contact form: We collect your name, email, phone (optional), website URL, and message.

How We Use It

Your email is used to deliver your audit report and for service-related communications (delivery confirmation, follow-up support). Your website URL is crawled to generate the audit. We only access publicly available pages.

What We Don't Do

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not access password-protected areas of your website. We do not use tracking pixels in emails.

Third-Party Services

We use a small number of third-party services to deliver Cited Digital. Each has its own privacy policy:

• Stripe for payment processing — see Stripe's privacy policy. We never see your card details.
• Google Workspace for transactional email delivery — see Google's privacy policy.
• Anthropic and OpenAI for the LLM-generated portions of audit reports — both configured with zero data retention. See Anthropic privacy and OpenAI privacy.

Data Retention

Audit data and contact information are retained for 12 months for service delivery and support purposes. You may request deletion at any time by emailing contact@citeddigital.co.

Cookies

Our website uses a session cookie for admin authentication only. We do not use tracking cookies or third-party analytics on the public site.

Contact

For privacy questions or data deletion requests, email contact@citeddigital.co.

Frequently asked questions about privacy at Cited Digital

What data do you collect when I run a free audit?

The website URL you submit, your AEO score and audit findings (associated with that URL), and standard server logs (IP address, user agent, timestamp) for abuse prevention. No personal information is collected unless you choose to provide it (e.g., to receive a report by email).

Do you sell my data?

No. We never sell, rent, or trade individual user data to third parties. Aggregate, anonymized statistics from our audit corpus are sometimes published as research (industry averages, common-issue rates), but no individual site or person is identifiable from those publications.

Do you use tracking cookies or analytics?

No third-party analytics on the public site. We use a single session cookie for admin authentication only. No Google Analytics, no Facebook pixel, no remarketing tags.

How long do you keep my data?

Audit reports and contact information are retained for 12 months for service delivery and support. You can request deletion at any time by emailing contact@citeddigital.co. We honor deletion requests within 30 days.

Can I get a copy of all the data you have on me?

Yes. Email contact@citeddigital.co with the subject "Data export request" and we'll send a complete copy of any data we hold associated with your email or audit URLs within 30 days, free of charge.

Do you use my audit data to train AI models?

No. We do not use customer audit data to train any AI or machine learning model. The Fix Manifest is generated using off-the-shelf LLMs (Claude, GPT) but only your specific audit results are passed to those models, and they're configured not to retain training data from API calls.