Citedon
Run a free scan

Legal

Privacy Policy

Last updated June 6, 2026

This policy explains what Citedon collects, why, and how we handle it. By using citedon.com or the Citedon Connector plugin (together, the "Service"), you agree to this policy.

Who we are

Citedon provides a service that measures whether AI engines cite and recommend a website, generates the agent-ready structured data a site is missing, and helps apply and maintain it. For privacy questions, contact us at support@citedon.com or via our contact page.

What we collect

Account information

When you create an account, our authentication provider collects your name and email address. We do not store your password.

Billing information

Paid plans are processed by our payment provider. Citedon does not receive or store your full card number. We retain your plan, subscription status, and a customer identifier so we can manage your subscription.

Scan and project data

When you run a scan or create a project, we store the URLs you submit, the queries you track, the generated reports and scores, and, for connected sites, your domain, a hashed site key, and a record of the changes applied. We never store your site key in plain text.

Usage and device data

We collect standard analytics (pages viewed, referrer, approximate location, device and browser) and your IP address, which we use to rate-limit free scans and prevent abuse.

We also use Microsoft Clarity, a product-analytics tool that records interactions such as clicks, scrolls, and page navigation (session replay and heatmaps) to help us understand and improve how people use the Service. Clarity masks the text you type by default.

Advertising and conversion measurement

We use Google Analytics 4, the Meta (Facebook) Pixel, and the Reddit Pixel, including their server-side conversion APIs, to measure how our ads perform. These set cookies (for example _ga, _fbp, _fbc, and _rdt_uuid), and we keep a first-touch attribution cookie (cd_attribution) recording the campaign or referrer you arrived from. When you submit your email or complete a purchase, we may send a hashed version of your email plus those cookie identifiers to Google, Meta, and Reddit so a conversion can be attributed to the ad you clicked. We do not send a readable email address for this purpose.

How we use it

  • To provide the Service: run scans, generate and apply agent-ready data, and monitor results over time.
  • To operate billing, support, and account management.
  • To send transactional email and the monitoring alerts you opt into.
  • To measure and improve the Service and our marketing.
  • To detect, prevent, and respond to abuse, fraud, and security issues.

Service providers we share data with

We use trusted providers to run the Service, and share only what each needs:

  • Authentication (account identity and sign-in).
  • Payments (subscription billing; they handle your card data directly).
  • Hosting and database (running the app and storing your data).
  • Page fetching (retrieving the public pages you ask us to scan).
  • AI engine providers (we send queries to ChatGPT, Perplexity, Gemini, and Claude to measure citations).
  • Email delivery (transactional and alert email).
  • Analytics and advertising (Google Analytics 4, the Meta (Facebook) Pixel, and the Reddit Pixel, with their server-side conversion APIs, for product and marketing measurement and ad attribution; and Microsoft Clarity for product-usage analytics, session replay, and heatmaps).

We do not sell your personal information.

Cookies

We use cookies and similar technologies for sign-in, security, analytics, and advertising measurement. This includes Google Analytics cookies (such as _ga), Meta Pixel cookies (such as _fbp and _fbc), Reddit Pixel cookies (such as _rdt_uuid), Microsoft Clarity cookies (such as _clck and _clsk), and our own first-touch attribution cookie (cd_attribution). You can control cookies through your browser settings; some features require them to function.

Data retention

We keep account, scan, and project data for as long as your account is active and as needed to provide the Service or meet legal obligations. You can ask us to delete your account and associated data.

Security

We use industry-standard measures to protect your data, including encryption in transit and storing site keys only as hashes. No method of transmission or storage is perfectly secure, but we work to protect your information.

Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact support@citedon.com.

Children

The Service is not directed to children under 16, and we do not knowingly collect their data.

Changes

We may update this policy. We will revise the date above and, for material changes, provide additional notice.

Contact

Questions about this policy: support@citedon.com.