Privacy that respects your data and ours.

When you create a Marketing AI account or request a callback, we collect your name, email address, company name, and any details you choose to share with us about your business.

Billing information

Payments are processed by Stripe. We do not store credit card numbers or bank account details. Stripe stores them under their own security and compliance program.

Workspace data (hosted plans)

When you connect Google Search Console, GA4, Google Ads, Meta Ads, TikTok Ads, or Ahrefs to your Marketing AI workspace, we receive read access (and, where you grant it, write access for campaign management) via OAuth. We use the data we receive to generate audits, briefs, content drafts, schema, ad creative, and reports - and we store the outputs of that work in your workspace.

Workspace data (Enterprise / on-prem)

None of your workspace data leaves your network. The Marketing AI binary runs inside your cloud or on-prem infrastructure. We do not see your audits, briefs, or campaign data unless you choose to share specific outputs with us.

Usage data

We collect standard product analytics (pages visited, features used, errors encountered) for hosted plans only. Enterprise deployments report no usage data to us.

Communications

When you email us, request a callback, or fill out a form, we keep a record of that communication so we can respond and follow up.

We use the information we collect to:

• Provide and improve Marketing AI features.
• Run audits, generate drafts, and ship campaign edits you have approved.
• Bill you for the plan you have chosen, via Stripe.
• Respond to support requests.
• Send important updates about your account or material changes to this policy.
• Detect abuse, fraud, and security incidents.

We do not use your workspace data to train AI models - yours, ours, or anyone else's. Anthropic and OpenAI also do not train on data sent through their APIs by default; we keep their training opt-outs enabled.

For hosted plans, we use the following sub-processors to deliver Marketing AI:

• Stripe - payment processing.
• Anthropic - Claude API for AI features.
• OpenAI - OpenAI API for AI features.
• Ahrefs - Ahrefs API for keyword and backlink data.
• Cloud hosting providers - to run the Marketing AI application and store workspace data.
• Email providers - for transactional and account email.
• Product analytics - usage data for the marketing site and hosted product, scoped to non-identifying telemetry where possible.

We do not sell your information. We do not share it with advertisers. We do not transfer it to third parties for their own marketing purposes.

For Enterprise (on-prem) deployments, sub-processors are limited to the providers you provision inside your own network. Marketing AI does not introduce additional third parties into the data path.

No matter where you are, you can:

• Access the data we hold about you - email sam@getmarketingai.pro and we will pull it together.
• Correct inaccurate data.
• Delete your account and the workspace data we hold for you. Hosted-plan data is deleted within 30 days of account closure.
• Export your audits, briefs, and reports at any time from inside the workspace.
• Object to specific processing - some objections may require account closure.
• Withdraw consent for OAuth-connected channels at any time, from your account settings or from the connected platform itself.

For California residents (CCPA), EU and UK residents (GDPR), and other privacy regimes, the rights above apply equally. We respond to verifiable requests within 30 days. There is no charge for reasonable requests.

The marketing site uses minimal cookies - session, theme preference, and product analytics. We do not run ad-retargeting pixels. Logged-in workspace sessions use authentication cookies that expire when you sign out.

We do not sell cookie data to advertisers. We do not run third-party ad networks on this site.

• All hosted-plan data is encrypted at rest and in transit.
• OAuth tokens are encrypted and scoped to least-privilege.
• Multi-factor authentication is available on every account.
• We run security reviews before each release.
• Enterprise (on-prem) deployments stay inside your network - your auditors set the perimeter.

We are not yet SOC 2 audited; that is on the roadmap. If you need formal compliance documentation today, Enterprise deployments running inside your own network bypass that requirement entirely - your existing auditors already cover that perimeter.

• Active hosted accounts: data is kept for as long as the account is active.
• Closed hosted accounts: workspace data is deleted within 30 days of closure.
• Billing records: kept for seven years to comply with US tax and accounting requirements.
• Email correspondence: kept indefinitely unless you ask us to delete it.
• Enterprise: retention is governed by your own infrastructure and policies, not ours.

Marketing AI is a US-based company. If you are outside the US, your data may be transferred to and processed in the US. For EU and UK residents, we apply Standard Contractual Clauses where required.

Marketing AI is built for businesses, not children. We do not knowingly collect data from anyone under 18. If you believe a child has given us their data, email us and we will delete it.

We update this policy when our practices change. Material changes are emailed to active accounts at least 30 days before they take effect. Non-material changes (typos, clarifications) take effect with no notice. The "Last updated" date at the top of this page reflects the most recent revision.

Privacy questions, access requests, deletion requests, or anything else - email Sam directly.