Vizelo.ai
Sign in Start free

Legal

Privacy Policy

How Vizelo, Inc. collects, uses, shares, and protects information when you use vizelo.ai and the Vizelo platform.

Effective date: May 14, 2026  ·  Last updated: May 14, 2026  ·  Version: 1.0

Plain-language summary. We collect the minimum personal data needed to run Vizelo: your account email, billing contact, and product telemetry. We never train AI models on customer prompts, content, or citation graphs. Customer data is isolated per tenant. You can export or delete your data at any time. Questions: privacy@vizelo.ai.

1. Scope and definitions

This Privacy Policy describes how Vizelo, Inc. (“Vizelo,” “we,” “us,” or “our”) handles personal information collected through the marketing site at vizelo.ai, the application at app.vizelo.ai, our APIs, and any related services (collectively, the “Service”).

Customer Data means information that customers and their authorized users submit to the Service, including tracked prompts, content briefs, citation graphs, and configuration. For Customer Data, Vizelo acts as a data processor (or service provider under CCPA). For information about prospects, marketing-site visitors, and Vizelo’s direct administrative contacts, Vizelo acts as a data controller (or business under CCPA).

2. Information we collect

2.1 Account and billing information

When you create an account or subscribe to a paid plan, we collect your name, email address, password (hashed using Argon2id), workspace name, billing contact, billing address, and tax identifier where required. Payment card data is collected and stored by our payment processor (Stripe) and is never stored on Vizelo systems.

2.2 Customer Data

We process Customer Data on behalf of the customer. This includes domains and competitor domains you track, prompts you configure, content you submit for analysis, briefs generated by our agents, and the citation graphs we collect from public answer-engine surfaces. Customer Data is logically isolated per workspace under strict access controls and is processed in accordance with the customer agreement.

2.3 Product telemetry

We collect product telemetry to operate, secure, and improve the Service. Telemetry includes feature usage events, API request metadata, performance metrics, error reports, and authentication events. Telemetry is associated with a workspace and user ID but does not contain Customer Data.

2.4 Device and connection information

We collect IP address, user-agent, language, time zone, and approximate location (derived from IP) to provide the Service, protect against abuse, and meet legal obligations. We retain web-server logs for ninety (90) days.

2.5 Communications

If you contact us by email, fill in a form, or interact with our support channels, we retain those communications and any attachments to respond and improve our support.

3. How we use information

We use personal information to:

  • Provide, maintain, and secure the Service.
  • Authenticate users and authorize access.
  • Process billing and prevent fraudulent transactions.
  • Detect, prevent, and respond to abuse, security incidents, and policy violations.
  • Send transactional emails (account, billing, security, product changes).
  • Send marketing emails to administrative contacts, where permitted, with an unsubscribe link in every message.
  • Improve product reliability and performance, including aggregate analysis of usage patterns.
  • Comply with legal obligations and respond to lawful requests.

We do not train AI models on Customer Data. Customer prompts, content, briefs, and citation graphs are not used to train, fine-tune, or otherwise improve any model operated by Vizelo or by third parties.

4. Legal bases (GDPR)

If you are in the European Economic Area, the UK, or Switzerland, we process personal information on the following legal bases:

  • Performance of a contract — to deliver the Service to you under our customer agreement.
  • Legitimate interests — to secure the Service, prevent abuse, improve reliability, and run targeted business-to-business marketing where the impact on you is minimal.
  • Consent — for optional marketing communications, non-essential cookies, and any processing for which consent is required by law. You can withdraw consent at any time.
  • Legal obligation — to comply with tax, accounting, or other legal requirements.

5. When we share information

We do not sell personal information. We share information only as follows:

  • Sub-processors — vendors that operate infrastructure, deliver email, process payments, or otherwise support the Service. See the list below.
  • Within your workspace — users you invite to a workspace can see workspace content and the actions other workspace users take.
  • Legal compliance and protection — to comply with law, valid legal process, or to protect the rights, property, or safety of Vizelo, our customers, or the public. We notify customers of legal requests for their data unless prohibited by law.
  • Corporate transactions — in connection with a merger, acquisition, financing, or sale of assets, with notice and protections appropriate to the transaction.

6. Sub-processors

Our current sub-processors are:

  • Amazon Web Services — cloud hosting, storage, and managed databases (United States, with EU and APAC options for enterprise customers).
  • Stripe — payment processing.
  • Postmark — transactional email delivery.
  • Cloudflare — DNS, edge caching, DDoS protection.
  • OpenAI, Anthropic, Google, Microsoft, Perplexity — the answer engines whose public surfaces we probe to measure citation activity. We do not transmit Customer Data to these engines; we read from their public outputs and store the results.
  • Sentry — error monitoring.
  • Linear — internal issue tracking. Customer Data is not stored in Linear.

We post material changes to our sub-processor list and notify enterprise customers in advance of new sub-processors that will process Customer Data.

7. International transfers

Vizelo is headquartered in the United States. Information may be transferred to and processed in the United States and other countries where our sub-processors operate. For transfers of personal data out of the EEA, the UK, and Switzerland, we rely on the European Commission’s Standard Contractual Clauses and equivalent UK and Swiss addenda, supplemented by technical and organizational measures including encryption in transit and at rest. Enterprise customers can request data residency in EU or APAC regions.

8. Retention

  • Account and billing — retained while your account is active and for up to seven (7) years after closure for tax and accounting purposes.
  • Customer Data — retained while your account is active. On termination we delete Customer Data within thirty (30) days unless legally required to retain it.
  • Product telemetry — retained for thirteen (13) months in identifiable form, then aggregated or deleted.
  • Web-server and security logs — retained for ninety (90) days.
  • Support communications — retained for three (3) years.

9. Security

We protect personal information with administrative, technical, and physical safeguards. Highlights include encryption in transit and at rest, least-privilege access controls, MFA-enforced admin access, per-customer database isolation, audit logging, and regular third-party security audits. Email security@vizelo.ai for our current evidence pack. No system is perfectly secure, and we cannot guarantee absolute security.

10. Your rights

Depending on where you live, you may have the right to access, correct, delete, port, restrict, or object to the processing of your personal information, and to lodge a complaint with a supervisory authority. To exercise these rights, email privacy@vizelo.ai from the address associated with your account. We respond within thirty (30) days and will not discriminate against you for exercising your rights.

10.1 California residents (CCPA / CPRA)

In the prior twelve months, we have collected the categories of personal information described in Section 2. We have disclosed personal information only for the business purposes described in Sections 3 and 5. We have not sold or shared personal information for cross-context behavioral advertising. California residents may request access, deletion, correction, and the right to limit use of sensitive personal information by emailing privacy@vizelo.ai. We verify requests using the email associated with your account.

10.2 EU/UK residents

You may contact our EU representative and our Data Protection Officer at dpo@vizelo.ai. You also have the right to lodge a complaint with your local supervisory authority.

11. Cookies and similar technologies

We use a small number of strictly necessary and functional cookies on vizelo.ai and app.vizelo.ai:

  • Session cookies — to keep you signed in to the application.
  • Preference cookies — to remember settings like billing-cycle preference (vz_billing) on the pricing page.
  • Security cookies — to mitigate cross-site request forgery and abuse.

We do not use third-party advertising cookies. Where required by law, we request consent before setting non-essential cookies. You can clear cookies in your browser at any time; some features may not work without them.

12. Children

The Service is intended for business users and is not directed to children under sixteen. We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us at privacy@vizelo.ai and we will delete it promptly.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will notify you by email or by an in-product notice at least thirty (30) days before the changes take effect. The “Last updated” date at the top reflects the most recent revision.

14. Contact us

Vizelo, Inc.
Attn: Privacy
Irving, Texas, USA
Email: privacy@vizelo.ai
Data Protection Officer: dpo@vizelo.ai

This document is provided in good faith and reflects the practices of Vizelo, Inc. as of the effective date above. It is not legal advice and is not a substitute for the binding agreement between you and Vizelo.