Privacy Policy

1. Scope

This Policy covers personal data we process in our capacity as a service provider operating the LLMPLIFY platform, including account data of authorized users, billing data, and the limited identifying information embedded in Client Data submitted by our customers. It does not cover information you submit directly to third-party services (such as Google Search Console, Shopify, or Stripe), which is governed by those providers’ own privacy policies.

2. Data We Collect

2.1 Account & Authentication Data

When you create an account or are invited to a team, we collect your name, email address, organisation affiliation, and any profile information you provide. If you sign in via a third-party identity provider (such as Google), we receive the basic profile fields that provider returns.

2.2 Billing & Payment Data

Subscription payments are processed by Stripe. We do not store full payment card numbers on our servers; Stripe stores them on our behalf in compliance with PCI-DSS. We retain a Stripe customer identifier, billing email, billing address (collected by Stripe and forwarded to us for tax purposes), and a record of past invoices and their amounts.

2.3 Client Data & Store Integrations

When you connect a Shopify store, we receive an OAuth access token permitting us to read and (with your authorisation) write product, collection, blog, and store-configuration data on your behalf. When you connect Google Search Console or Google Analytics 4, we receive similar OAuth tokens permitting read access to your search-performance and analytics data. We store this data in order to deliver the Service’s optimisation, reporting, and tracking features.

2.4 Usage & Telemetry Data

We collect technical information about how the Service is used: IP addresses, browser type and version, device identifiers, log timestamps, request paths, error reports, and aggregated metrics (e.g. how many optimisations a store has run). Telemetry helps us monitor performance, debug failures, and improve the Service.

2.5 Communications

If you contact us by email, submit a support request, or respond to a notification, we retain a record of the correspondence so we can follow up and improve our service.

3. How We Use Data

We use the data described above to:

• provide, operate, and maintain the Service, including generating AI-powered SEO recommendations from your store data;
• authenticate users and enforce access controls based on your organisation membership;
• process subscription payments, send invoices and receipts, and comply with applicable tax rules;
• send transactional emails about your account, billing, security events, and weekly visibility reports you have opted into;
• respond to support requests and investigate suspected misuse;
• monitor performance, detect and resolve failures, and improve the Service using aggregated, de-identified usage metrics;
• comply with legal obligations, enforce our Terms, and protect the rights, property, and safety of Zuti Inc., our customers, and the public.

We do not sell personal data. We do not use Client Data to train, fine-tune, or improve any underlying large language model, as set out in Section 5.4 of the Software as a Service Agreement.

4. How Data Is Shared

We share data only with the following categories of recipients, and only as needed to deliver the Service:

• AI providers — OpenAI, Anthropic, Google (Gemini), and Perplexity. When you request an optimisation, the relevant product / collection / blog content is sent to one or more of these providers under their respective data-processing terms. None of these providers train on our requests by default; we send no Client Data outside the scope of the specific request.
• Payment processor — Stripe, Inc. processes subscription payments on our behalf and stores payment instrument data subject to Stripe’s privacy policy.
• Email delivery — Resend (or an equivalent transactional-email provider) sends account, billing, and report emails on our behalf.
• Cloud infrastructure — Vercel (application hosting), Supabase (managed Postgres database), and Anthropic / Google / OpenAI / Perplexity for AI inference. All three host data in North America by default.
• Identity providers — Google for OAuth sign-in, if you choose to sign in that way.
• Storefront platforms — Shopify when you authorise us to read and publish to your store; Google Search Console / Analytics 4 when you authorise us to read your performance data.
• Legal or safety reasons— if required by law, court order, or regulatory request, or to protect the rights, property, or safety of Zuti Inc., our customers, or third parties.
• Successors — in connection with a merger, acquisition, financing, or sale of all or substantially all of our assets, customer data is one of the assets that may be transferred. We will notify customers of any such change in ownership before personal data becomes subject to a different privacy policy.

5. Data Retention

We retain Client Data for the duration of your subscription and for a period of ninety (90) days following termination, after which the data is deleted or anonymised, except where a longer retention period is required by applicable law (for example, tax and billing records). Account data is retained for as long as the account is active; deletion can be requested by contacting support@llmplify.com. Telemetry logs are typically retained for thirty (30) days.

6. Security

We implement reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. These include TLS encryption for data in transit, encrypted storage at rest where supported by our infrastructure provider, role-based access controls inside the application, and regular review of access logs. No method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on where you live, you may have rights regarding your personal data, including the right to:

• request a copy of the personal data we hold about you;
• correct inaccurate or incomplete data;
• delete your personal data, subject to legal exceptions;
• object to or restrict certain processing;
• port your data to another service in a portable format;
• withdraw any consent you have given.

To exercise any of these rights, email support@llmplify.com. We will respond within a reasonable period and in any event within thirty (30) days unless a longer period is permitted by applicable law. We may need to verify your identity before acting on a request.

8. International Transfers

We operate in the United States and our infrastructure providers are primarily located in North America. If you access the Service from outside the United States, you understand that your data will be transferred to and processed in the United States. Where required by applicable law, we put in place appropriate safeguards (such as standard contractual clauses) for transfers of personal data outside the jurisdiction where the data was originally collected.

9. Cookies and Tracking

The Service uses cookies and similar technologies that are strictly necessary to operate the application — for example, to keep you signed in and to remember your active organisation. We do not use advertising cookies and we do not track you across other websites. If we later add analytics cookies, this policy will be updated and consent will be collected where required by law.

10. Children

The Service is intended for use by businesses and is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or via in-app notice at least thirty (30) days before they take effect. The “Effective” date at the top of this page reflects when the current version was last updated.

12. Contact

Questions, requests, or complaints about this Privacy Policy or how we process personal data can be sent to support@llmplify.com. You may also write to us at Zuti Inc., Florida, USA.