Privacy Policy

We collect the following categories of data when you use AIORadar:

We use the data we collect for the following purposes:

• Providing and operating the AIORadar service features you have subscribed to
• Processing payments and managing subscriptions via Lemon Squeezy
• Sending transactional emails (plan confirmation, usage alerts, weekly digest if opted in) via Resend
• Enforcing plan usage limits and detecting abuse
• Improving the service based on aggregated, anonymized usage patterns
• Responding to your support requests
• Complying with legal obligations

We do not sell your personal data to third parties. We do not use your data to train AI models. We do not use your data for advertising targeting.

AIORadar is hosted on Railway, a cloud hosting provider. Your data is stored on Railway-managed infrastructure in their default region. We use a filesystem-based JSON storage architecture, which means your data is stored in structured files on a persistent volume attached to our Railway service.

Google OAuth tokens are encrypted at rest using AES-256 encryption before being written to disk. The encryption key is stored as an environment variable and is not persisted in source code or version control.

We implement the following security measures: HTTPS for all data in transit, rate limiting on all API endpoints to prevent abuse, server-side input validation to prevent injection attacks, and IP allowlisting for administrative functions. We conduct periodic security audits and address identified issues on a priority basis.

No system is completely secure. While we take appropriate precautions, we cannot guarantee the absolute security of your data. If we become aware of a data breach that materially affects your personal data, we will notify you within 72 hours.

AIORadar integrates with the following third-party services. Each service has its own privacy policy governing how they handle your data:

We retain your account data and client workspace data for as long as your account is active. If you cancel your subscription, your data is retained for 90 days to allow for account reactivation or data export. After 90 days, all client workspace data (keywords, scan results, GSC data, content drafts) is permanently deleted.

Server logs are retained for 30 days and then automatically purged. OAuth tokens are deleted when you disconnect a service or delete your account. Usage counters are retained for 12 months for billing dispute resolution.

Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete your personal data; the right to data portability; the right to withdraw consent; and the right to lodge a complaint with a supervisory authority.

To exercise these rights, contact us at support@aioradar.co. We will respond within 30 days. For data deletion requests, note that some data may be retained for legal compliance or legitimate business purposes (such as billing records).

You can disconnect Google services at any time from the Settings panel, which will delete the stored OAuth tokens. You can export your keyword lists and scan results from the export function in each module.

AIORadar uses essential cookies required for authentication sessions (managed by Clerk) and to maintain your signed-in state. We do not use advertising cookies or cross-site tracking cookies. We use no third-party analytics cookies.

The AIORadar marketing pages (landing page, blog, docs) do not load any tracking scripts. No cookie consent banner is displayed because we do not use non-essential cookies.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

We may update this Privacy Policy from time to time. When we make significant changes, we will notify active users by email and update the "Last updated" date at the top of this page. Continued use of AIORadar after policy changes constitutes acceptance of the revised policy.