Privacy Policy

Last Updated: January 1, 2026

1. Introduction

Revenuesurf ("we," "our," or "us") operates www.revenuesurf.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using Revenuesurf, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you sign in with Google, we collect:

  • Email address
  • Full name

We do not store passwords. Authentication is handled securely through Google OAuth.

2.2 Service Data

To provide our service, we collect and store:

  • Your API keys for AI content generation (encrypted)
  • Your website URLs and project information
  • Competitor information you add
  • SEO content you generate, including drafts and published articles
  • Third-party integration connections (Google Search Console, etc.)

2.3 Usage Information

We automatically collect:

  • Page views and feature usage
  • Device and browser information

We use privacy-focused analytics that doesn't track you across websites or use cookies.

2.4 Communications

When you contact us for support:

  • Your messages and support requests
  • Any files or information you choose to share

3. How We Use Your Information

We use your information to:

  • Provide and maintain our service
  • Generate SEO content using AI models via your API keys
  • Scrape and analyze competitor websites
  • Connect to third-party services you authorize (Google Search Console, etc.)
  • Communicate with you about your account and support requests
  • Improve our service and develop new features
  • Comply with legal obligations

4. Third-Party Services

We work with trusted third-party service providers to operate our service:

  • Supabase: Database, authentication, and secure data storage
  • Vercel: Application hosting
  • Google OAuth: Secure authentication
  • OpenRouter: AI content generation (using your own API keys)
  • ScreenshotOne: Website screenshot generation
  • Crisp: Customer support chat
  • Stripe: Payment processing
  • Promptmonitor: Privacy-focused analytics
  • Other services: Web scraping and content extraction tools

These service providers only have access to information necessary to perform their specific functions and are obligated to protect your data.

5. International Data Transfers

Your information may be transferred to and processed in countries outside your own, including the United States. We ensure appropriate safeguards are in place to protect your data, including encryption and secure data handling practices.

6. Data Security

We take security seriously and implement industry-standard measures to protect your information:

  • All sensitive data (API keys, tokens) is encrypted
  • Secure HTTPS connections for all data transmission
  • Regular security updates and monitoring
  • Strict access controls to limit data access

While we use best practices to protect your data, no method of transmission over the internet is 100% secure.

7. Your Rights (GDPR & CCPA)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Update or correct your information in your account settings
  • Erasure: Request deletion of your account and all associated data (contact us to delete your account)
  • Data Portability: Request a copy of your data in a machine-readable format (contact us to download your data)
  • Objection: Object to processing of your personal data
  • Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us via Crisp Chat or email us at the contact information below.

8. Data Retention

We retain your data as follows:

  • Account Data: Retained until you delete your account
  • Content Data: Retained until you delete it or close your account
  • API Keys & Tokens: Deleted immediately when you remove them from settings or close your account

Upon account deletion, we permanently delete all your personal data instantly, except where retention is required by law.

9. Cookies and Tracking

We use minimal tracking technologies:

  • Essential Cookies: Required for login and core functionality
  • Analytics: Privacy-focused analytics that doesn't use tracking cookies
  • Support Chat: May use cookies for chat functionality

You can control cookies through your browser settings. Disabling cookies may affect some features.

10. Children's Privacy

Revenuesurf is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information about a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)

Your continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us:

13. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contract Performance: To provide the service you've subscribed to
  • Legitimate Interest: To improve our service, prevent fraud, and ensure security
  • Consent: For optional features like analytics and marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws and regulations

This Privacy Policy is effective as of January 1, 2026 and applies to all users of Revenuesurf.