Back

Privacy Policy

Data Controller

Valentin Weinert
Dr.-Rohmer-Weg 11
65719 Hofheim am Taunus, Germany
Email: hello@seenbyai.dev
Phone: +49 15224697434

What Data We Collect

  • IP addresses – used temporarily for rate limiting. Not stored persistently.
  • URLs you submit – stored alongside your scan results to provide the service.
  • Screenshots – uploaded for verification only. See dedicated section below.

Legal Basis for Processing

We process your personal data on the following legal bases (Art. 6(1) GDPR):

  • URL scanning & IP-based rate limiting – Legitimate interest (Art. 6(1)(f) GDPR). Our legitimate interest is to provide the AI visibility scoring service and to protect it from abuse.
  • Screenshot verification – Consent (Art. 6(1)(a) GDPR). By actively uploading a screenshot, you consent to its processing for verification purposes. You may withdraw consent at any time by not uploading a screenshot; however, withdrawal does not affect the lawfulness of processing performed prior to withdrawal.
  • PostHog analytics – Legitimate interest (Art. 6(1)(f) GDPR). Our legitimate interest is to understand anonymous usage patterns to improve the service. No personal data is stored on your device; analytics are cookie-free and anonymous.

How We Use Data

We process data exclusively to provide the AI visibility scoring service. URLs are analyzed to generate a score and report. Screenshots are used solely for verifying social media follows.

Screenshots

Screenshots are processed in-memory only. They are sent to Google Gemini for verification and immediately deleted after processing. Screenshots are never written to disk, stored in any database, or retained in any form. The screenshot data exists only for the duration of the API request.

Third-Party Data in Screenshots

Your screenshot may contain personal data of third parties (e.g. profile names, profile pictures of other users visible on screen). This data is processed exclusively for verification purposes and is subject to the same in-memory-only processing described above — it is never stored. By uploading a screenshot, you confirm that you are aware it may contain third-party data.

Automated Decision-Making

We use Google Gemini (an AI system) to automatically verify whether your uploaded screenshot shows a valid social media follow. This automated processing determines whether you gain access to the full report. The verification result is a simple yes/no decision. If you believe the automated decision is incorrect, you may upload a new screenshot or contact us at hello@seenbyai.dev to request a manual review.

AI-Generated Content

The AI visibility report you receive after verification is generated by an AI system (Google Gemini). AI-generated content may contain inaccuracies. This disclosure is made in accordance with Art. 50(4) of Regulation (EU) 2024/1689 (AI Act).

Data Retention

  • Scan data (URL, score, scan metadata) – retained indefinitely to allow you to revisit your results.
  • Unlock records (verification status, generated report) – retained indefinitely alongside the associated scan.
  • Screenshots – not retained. Processed in memory and discarded immediately.
  • IP addresses – held in server memory only for the duration of rate-limit windows (max. 1 minute). Not written to any persistent storage.

You may request deletion of your scan data at any time by contacting us at hello@seenbyai.dev.

Third-Party Services

We use the following third-party processors:

  • Vercel Inc. (USA) – Hosting and serverless functions. Covered by the EU-US Data Privacy Framework.
  • Supabase Inc. (USA) – Database for scan results. Covered by the EU-US Data Privacy Framework.
  • Google LLC (USA) – Gemini AI for screenshot verification and report generation. Covered by the EU-US Data Privacy Framework.
  • PostHog Inc. (EU) – Anonymous, cookie-free usage analytics. No personal data is stored on your device. Data processed within the EU (Frankfurt).

No Cookies

This website does not use cookies or store any data on your device. We use cookie-free analytics (PostHog with in-memory persistence) that generate anonymous, non-persistent identifiers. No cookie consent banner is required.

Obligation to Provide Data

You are not legally or contractually obliged to provide any personal data. However, without submitting a URL, the scanning service cannot be used. Without uploading a screenshot, the full report cannot be unlocked. There are no consequences beyond the inability to use the respective feature.

Your GDPR Rights

Under the GDPR, you have the right to:

  • Access the personal data we hold about you (Art. 15)
  • Rectification of inaccurate personal data (Art. 16)
  • Erasure of your personal data (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing based on legitimate interest (Art. 21)
  • Withdraw consent at any time where processing is based on consent (Art. 7(3))
  • Lodge a complaint with a supervisory authority (Art. 77)

Supervisory Authority

The competent supervisory authority is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (HBDI)
Postfach 3163
65021 Wiesbaden
Germany

You have the right to lodge a complaint with this or any other EU supervisory authority.

Contact

For any privacy-related inquiries, please contact us at hello@seenbyai.dev.