Privacy Policy
Summairize, LLC ("Summairize," "we," "our," "us") describes here how we collect, use, disclose, and protect personal information when you use our website and services (the "Service"). This Policy applies worldwide and is designed to meet requirements of the GDPR and UK GDPR as well as the CCPA and CPRA.
If you need an operational overview of how we crawl and safeguard content, see our Security, Privacy & Trust page.
1) Who we are and how to contact us
Controller: Summairize, LLC (Georgia, USA). Data Protection Contact: privacy@summairize.ai. We respond to privacy requests within applicable statutory timeframes.
2) Information we collect
- Account data: email address (via Auth0) and basic account metadata.
- Service inputs: domains you submit, the publicly available content we crawl from those domains at your request, queries you send, and corresponding outputs.
- Usage and logs: request counts, timestamps, technical, and performance data.
- Website analytics and cookies: when visiting our site, we use non-essential cookies such as Google Analytics (subject to consent where required) to understand site usage. See our Cookie Policy.
3) How we use information (purposes and legal bases)
- Provide and operate the Service (create and maintain accounts; process inputs; generate outputs). Legal basis: performance of a contract (Article 6(1)(b) GDPR).
- Maintain and improve the Service (monitoring, debugging, analytics on de-identified or aggregated data; quality and safety).Legal basis: legitimate interests (Article 6(1)(f)).
- Website analytics and non-essential cookies. Legal basis: consent where required by law (for example, EU and UK ePrivacy, GDPR).
- Legal compliance and enforcement. Legal basis: legal obligations (Article 6(1)(c)) and legitimate interests (Article 6(1)(f)).
- Future billing and account management (Stripe). Legal basis: performance of a contract.
4) Retention
We generally retain account information, Service inputs and outputs, and usage logs indefinitely unless you request deletion or applicable law requires earlier deletion. If you delete your account, we will remove personal identifiers from stored data and may continue to retain and use de-identified and aggregated data indefinitely for analytics and Service improvement.
5) Sharing and disclosures
We do not sell or "share" personal information as defined by the CPRA. We disclose data only to processors acting on our behalf, to comply with law, or to protect rights and safety.
Processors and sub-processors:
- Auth0 (identity and authentication)
- Google Analytics (website analytics, non-essential cookies)
- Stripe (payments in the future)
6) International transfers
We are based in the United States. When transferring data internationally, we use appropriate safeguards as required by law (for example, Standard Contractual Clauses with processors).
7) Your rights
GDPR and UK GDPR: You can request access, correction, deletion, restriction, portability, or object to processing based on legitimate interests. Where consent applies (for example, non-essential cookies), you can withdraw consent at any time.
CCPA and CPRA: California residents have the right to know, delete, correct, and limit use of sensitive personal information (we do not use SPI in a manner that triggers this right). We do not sell or share personal information for cross-context behavioral advertising.
To exercise rights, contact privacy@summairize.ai. We may need to verify your identity.
8) Children
The Service is not directed to children under 13 (or under 16 in the EU and UK). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us for deletion.
9) Security
We implement reasonable technical and organizational measures to protect personal information. No method of transmission or storage is 100% secure.
10) Changes
We may update this Policy from time to time. The "Last updated" date reflects the latest version. Material changes will apply prospectively.