Privacy & Cookie Policy

1. Introduction

This Privacy & Cookie Policy explains how Seniqs AS (“we”, “us”) collects, uses and protects personal data when you visit visibilitycheck.ai (the “Service”). The Service crawls publicly available web pages on request and produces an AI-visibility analysis for the site you submit.

This policy applies to visitors, registered users, and paying customers. It is published in English and reflects our obligations under Regulation (EU) 2016/679 (the “GDPR”) and the Norwegian Personal Data Act.

2. Data Controller

The data controller responsible for the processing of personal data described in this policy is:

Legal name: Seniqs AS
Organisation number: 922 098 476
Registered address: Dalandsåsen 5, 4480 Kvinesdal, Norway
Contact email: info@seniqs.no

We have not appointed a Data Protection Officer as we are not required to under Article 37 GDPR. Privacy-related enquiries should be sent to the contact email above.

3. What data we collect

Account data

If you create an account using Google Sign-In, we receive your email address and, where provided by Google, your name and profile picture URL. We do not receive or store your Google password.

Analysis data

When you submit a website URL for analysis, we crawl that URL and store the crawl results (HTML structure, headings, metadata, detected business information) linked to your user account. We do not crawl content behind authentication or paywalls. The URLs you submit and the results of each analysis are visible only to you.

Payment data

Paid plans are processed by Stripe. We do not see or store your full card number, CVC, or expiry date. We retain the Stripe customer ID, transaction ID, plan purchased, amount, currency, and date — these are required for delivery of the service and for tax compliance.

Technical data

Like virtually every website, our servers log the IP address, user-agent, timestamp and requested URL of each request. We also issue a random anonymous identifier (geo_anon_id) to every browser; this identifier contains no personal information and is used to detect abuse and enforce rate limits.

4. Purposes & legal bases

Purpose	Legal basis (GDPR Art. 6)
Providing the AI-visibility analysis you requested, managing your account and delivering paid reports.	6(1)(b) — performance of a contract.
Protecting the Service against fraud, abuse and excessive use (rate limiting, anti-abuse identifier).	6(1)(f) — legitimate interests of the controller in operating a secure service.
Keeping invoices and payment records.	6(1)(c) — compliance with a legal obligation (Norwegian Bookkeeping Act).
Loading analytics or marketing scripts on the Service. We do not currently use any. If we add them in the future, they will only run after you click “Accept” in the cookie banner.	6(1)(a) — your explicit consent.

5. Third-party processors

We share personal data with the following processors strictly for the purposes listed above. Each is bound by a data-processing agreement or equivalent contractual safeguards:

Google LLC (Google Sign-In) — identity verification when you sign in with Google. The Google Sign-In client script is loaded by your browser only after you open the login dialog; until then no request is made to Google and no Google cookie is set or read on your device.
Stripe, Inc. / Stripe Payments Europe Ltd. — processing of card payments. You are redirected to Stripe’s hosted checkout; card data is collected by Stripe, not by us.
OpenAI, Google (Gemini) and xAI (Grok) — when you request the AI Brand Awareness check or AI-generated structured data, we send these providers either (a) the public site URL and company name only, or (b) plain-text extracts of pages allowed by your robots.txt. We never send your account email, payment data, or any other identifier.
Hosting provider — the server that hosts visibilitycheck.ai stores the database and log files described above.

6. International data transfers

Some of the processors listed above are established outside the European Economic Area, primarily in the United States. Transfers to those processors are protected by the European Commission’s Standard Contractual Clauses (SCC) and, where applicable, by the EU–U.S. Data Privacy Framework adequacy decision. You can request a copy of the safeguards in place by contacting us.

7. Retention periods

Account data: kept until you delete your account.
Crawl results & generated reports: kept for up to 12 months after the last access, then deleted. Paid kit files are available for download for 30 days after purchase.
Technical logs (IP, user-agent, request URL): 90 days.
Billing records (invoices, transaction IDs): 10 years, as required by the Norwegian Bookkeeping Act.
Cookie-consent record: until you clear it from your browser or change your choice.

8. Your rights under the GDPR

Under articles 15–22 of the GDPR you have the right to:

request access to the personal data we hold about you (Art. 15);
have inaccurate data corrected (Art. 16);
have your data erased when one of the grounds in Art. 17 applies;
restrict processing in the cases described in Art. 18;
receive your data in a portable, machine-readable format (Art. 20);
object to processing carried out under our legitimate interests (Art. 21);
withdraw any consent you have given, at any time, without affecting the lawfulness of processing carried out before withdrawal (Art. 7(3)).

To exercise any of these rights, email info@seniqs.no. We will respond within one month.

If you believe we have not handled your data lawfully, you have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) — datatilsynet.no — or with the supervisory authority in the EU member state of your habitual residence.

9. Cookies & local storage

We use a small number of HTTP cookies and browser-storage entries. Strictly-necessary and functional items are set without consent because they are required for the Service to function. We do not currently use any analytics, advertising or marketing cookies. If that ever changes, this policy and the cookie banner will be updated and your consent will be requested again.

Name	Type	Purpose	Duration	Category
`PHPSESSID`	HTTP cookie	Maintains your session after you sign in.	Session	Strictly necessary
`geo_anon_id`	HTTP cookie (HttpOnly, Secure)	Anonymous identifier used to enforce rate limits and detect abuse.	1 year	Strictly necessary
`cookie_consent`	HTTP cookie + localStorage	Records your accept/reject choice so we don’t ask again. Stored in both places so the choice survives browsers that wipe one or the other.	1 year	Strictly necessary
`theme`	localStorage	Remembers whether you prefer dark or light mode.	Until cleared	Functional
`sb.collapsed`	localStorage	Remembers whether you collapsed the sidebar.	Until cleared	Functional
`geo_crawl_history`	localStorage	Stores recent crawls of guest visitors so they can be re-opened.	Until cleared	Functional
`pendingCheckout`	localStorage	Resumes a Stripe checkout that was started but not completed.	30 minutes	Functional
Google Sign-In	Third-party cookies	Set on accounts.google.com only after you open the login dialog and the Google client script is requested. Required to complete authentication.	See Google’s policy	Strictly necessary (only when signing in)
Stripe	Third-party cookies	Set on checkout.stripe.com during the payment step only.	See Stripe’s policy	Strictly necessary (when paying)

Your choice

When you first visit the site, a banner asks you to accept or reject non-essential cookies. Strictly-necessary and functional items above continue to work regardless of your choice — they are required to deliver the service you asked for. If we later introduce analytics or marketing trackers, they will only load after you have clicked “Accept”. You can change your choice at any time through the “Cookie settings” link in the footer.

You can also block or delete cookies through your browser settings, but some parts of the Service may stop working if you do.

10. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of the page indicates the most recent revision. If we introduce material changes — in particular, new categories of personal data, new processors, or new cookies that require consent — we will surface a clear notice on the Service and, where required, ask for fresh consent.

11. Contact

Questions, requests, or complaints about this policy can be sent to:

Seniqs AS
Dalandsåsen 5, 4480 Kvinesdal, Norway
Email: info@seniqs.no

Login