Privacy Policy

1. Who We Are

ContentPulse ("ContentPulse", "we", "us", or "our") provides an AI-powered content generation, optimization, and publishing platform. For the purposes of applicable data protection law, ContentPulse acts as the data controller for account and marketing data, and as a data processor for content and integration data you submit through the Services.

2. Information We Collect

We collect the following categories of information:

• Information you provide — name, email address, company name, billing details, and any content, prompts, briefs, or settings you submit.
• Usage data — API calls, content generated, feature usage, and interactions with the platform.
• Technical data — IP address, browser type, device information, and cookies (see our Cookie Policy).
• Third-party integration data — data you authorize us to access from connected services (for example, Google Search Console, Shopify, or WordPress).

3. How We Use Your Data

We use your data to provide and operate the Services, process billing and subscriptions, send service and security notifications, provide support, improve and develop features, prevent fraud and abuse, and comply with legal obligations. We do not sell your personal data to third parties.

4. Legal Bases for Processing

Where the EU/UK General Data Protection Regulation applies, we process personal data on the basis of: (a) performance of our contract with you; (b) your consent (which you may withdraw at any time); (c) our legitimate interests in operating and securing the Services; and (d) compliance with legal obligations.

5. Data Sharing and Sub-processors

We share data only with service providers (sub-processors) who help us operate the Services — for example, cloud hosting, payment processing, email delivery, and AI model providers. These providers are bound by contractual obligations to protect your data and use it only to provide services to us. We may also disclose data where required by law or to protect our rights.

6. International Data Transfers

Your data may be processed in countries other than your own. Where we transfer personal data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or an adequacy decision.

7. Data Retention

Content and account data is retained for the duration of your subscription plus 30 days. Audit logs are retained for 12 months. We retain certain data longer where required for legal, tax, or accounting purposes. You may request deletion at any time.

8. Your Rights

Depending on your location, you may have the right to access, correct, export, restrict, or delete your personal data, to object to certain processing, and to withdraw consent. California residents have additional rights under the CCPA/CPRA, including the right to know and the right to opt out of "sales" or "sharing" (we do neither). To exercise any right, contact [email protected]. You also have the right to lodge a complaint with your local supervisory authority.

9. Data Security

We use AES-256 encryption at rest, TLS in transit, multi-tenant data isolation, and full audit trails. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Services are not directed to individuals under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.

11. Google API Services — Data Collection and Use

ContentPulse offers an optional integration with Google Search Console via the Google API. When you choose to connect your Google Search Console account, we access and store the following data:

• Google account email address — used solely to identify the connected account in your dashboard.
• Search Analytics data — keywords, impressions, clicks, average position, and click-through rates for your verified properties.
• Page indexing status — whether your pages are indexed, any crawl issues, and rich result eligibility.
• OAuth access and refresh tokens — encrypted at rest and used exclusively to authenticate API requests on your behalf.

11.1 Purpose

This data is used exclusively to display search performance analytics in your ContentPulse dashboard and to submit URL indexing requests or sitemaps on your behalf. We do not use your Google data for advertising, profiling, or any purpose unrelated to the features you have explicitly enabled.

11.2 Storage and Security

OAuth tokens are encrypted using AES-256 before storage. Search keyword and indexing data is stored in our database and associated with your website record. All data is transmitted over TLS-encrypted connections.

11.3 Data Sharing

Your Google user data is never sold, rented, or shared with any third party. It is accessible only to you and to authorised ContentPulse system processes that operate on your behalf.

11.4 Data Retention and Deletion

Google data is retained for the duration of your active connection. When you disconnect your Google Search Console account (via your website settings), all associated OAuth tokens are immediately deleted and revoked on Google's servers. Historical search keyword and indexing data is retained for analytical continuity but can be deleted upon request by contacting [email protected].

11.5 Revoking Access

You can disconnect your Google Search Console integration at any time from your website settings in the ContentPulse dashboard. This immediately revokes our access to your Google data. You may also revoke access directly from your Google Account permissions page.

11.6 Compliance

ContentPulse's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated revision date and, where required, communicated to you directly.

13. Contact

For any privacy-related question or request, contact [email protected].