Privacy Policy

Last updated: 22 June 2026

This Privacy Policy explains how GeoContextAI Pty Ltd ("we", "us", "our"), registered in Sydney, Australia, collects, uses, and protects your personal information when you use the GeoContextAI platform ("Service").

We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). For users in the European Economic Area (EEA) or United Kingdom, we also comply with the General Data Protection Regulation (GDPR) where applicable.

1. Information We Collect

Account information

  • Email address (required for account creation)
  • Name (if provided via Google sign-in or profile)
  • Profile image (if provided via Google sign-in)

Brand and business data

  • Company name, website URL, and brand aliases
  • Competitor names and URLs
  • Keywords, audience segments, and monitoring prompts

Service-generated data

  • AI platform responses to your monitoring prompts
  • Extracted mentions, sentiment scores, and visibility metrics
  • Citation URLs and forensic analysis results
  • Hallucination alerts and factual baseline comparisons

Usage data

  • Pages visited and features used (via PostHog analytics)
  • Browser type, device, and approximate location
  • Timestamps and session information

2. How We Use Your Information

  • To provide the Service: Run monitoring queries, extract mentions, compute metrics, generate reports, and deliver recommendations.
  • Account communications: Send verification emails, password resets, security alerts, and monitoring reports you have opted into.
  • Product updates: If you opt in, send product news, tips, and offers. You can unsubscribe at any time.
  • To improve the Service: Analyse aggregated, anonymised usage patterns to improve features and performance.
  • Legal compliance: Comply with applicable laws, regulations, and legal processes.

3. Third-Party Services

We use the following third-party services that may process your data:

ServicePurposeData shared
ClerkAuthenticationEmail, name, profile image
AWS (Aurora, S3, ECS, SQS)Infrastructure and data storageAll service data (encrypted at rest)
ResendTransactional and report emailsEmail address, report content
PostHogProduct analyticsAnonymised usage events, page views
OpenAI, Anthropic, Google, PerplexityAI platform queriesMonitoring prompts (no personal data)
CloudflareDNSIP address (standard DNS resolution)

4. Cookies and Tracking

We use the following cookies and tracking technologies:

  • Clerk session cookies: Required for authentication. These are essential cookies and cannot be disabled.
  • PostHog analytics: Tracks anonymised product usage to help us improve the Service. You can opt out via your browser's Do Not Track setting.

We do not use advertising cookies or sell data to advertisers.

5. Email Communications

We send two categories of email, each controlled by separate consent:

  • Account and reporting emails: Welcome email, monitoring reports, security alerts, and account notifications. You consent to these during signup and can manage preferences in your dashboard settings.
  • Product updates and marketing: Product news, tips, and promotional offers. These are opt-in only. You can unsubscribe at any time via the link in any email or in your dashboard settings.

Transactional emails required for account security (password resets, login alerts) are always sent regardless of your preferences, as they are necessary for the operation of the Service.

6. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account deletion.
  • AI monitoring responses: Stored in S3 for as long as your account is active to provide historical analysis.
  • Analytics data: Anonymised usage data may be retained indefinitely for product improvement.

7. Data Security

We protect your data with:

  • Encryption at rest (AWS Aurora, S3) and in transit (TLS/HTTPS)
  • Authentication via Clerk with email verification
  • Access controls limiting data access to authorised personnel
  • Regular security reviews of our infrastructure

No system is 100% secure. If we become aware of a data breach affecting your personal information, we will notify you and relevant authorities as required by law.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data. You can delete your account from the dashboard, or email us.
  • Data portability: Request your data in a machine-readable format.
  • Withdraw consent: Withdraw consent for marketing emails at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint: Contact the Office of the Australian Information Commissioner (OAIC) or your local data protection authority.

To exercise any of these rights, contact us at support@geocontextai.com. We will respond within 30 days.

9. International Transfers

Your data is primarily stored on AWS infrastructure in the Asia-Pacific (Sydney) region. Some third-party services (Clerk, PostHog, Resend, AI platforms) may process data in other regions, including the United States. Where data is transferred internationally, we ensure appropriate safeguards are in place as required by applicable law.

10. Children

The Service is not intended for anyone under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service. The "Last updated" date at the top indicates the most recent revision.

12. Contact

For privacy inquiries, data requests, or complaints: