Legal

Privacy Policy

Last updated: May 5, 2026  ·  Effective: May 5, 2026

Plain-English summary: We collect your email and audit URLs to provide the service. We don't sell your data. We use industry-standard third-party tools to process payments, send emails, and run AI analysis. You can request deletion of your data at any time by emailing privacy@quivra.io.

1. Who We Are

Quivra.io ("Quivra," "we," "our," or "us") is an SEO analysis platform that helps website owners audit their search engine and AI search visibility. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our website at quivra.io and related services (collectively, the "Service").

For questions about this policy, contact us at privacy@quivra.io.

2. Data We Collect

Information you provide directly:

Information collected automatically:

Information about third-party websites:

When you submit a URL for auditing, our servers fetch publicly available data from that URL (HTML, robots.txt, sitemap.xml). We do not access any private or authenticated pages of third-party sites.

3. How We Use Your Data

We use the information we collect to:

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Third-Party Services

We share data with the following service providers solely to operate the Service. Each is bound by their own privacy practices:

Stripe
Payment processing & subscription management. Stripe handles all card data under PCI-DSS compliance.
Resend
Transactional email delivery (alerts, digests, password resets).
Anthropic (Claude)
AI-powered SEO fix recommendations. Audit data is sent to Claude's API for analysis.
Railway
Cloud hosting and PostgreSQL database. Data is stored on Railway-managed infrastructure.
Google Custom Search
Keyword position tracking. Keywords are sent to Google's API to check search rankings.

We may also disclose your information if required by law, court order, or government request, or to protect the rights, property, or safety of Quivra.io, our users, or others.

5. Cookies & Tracking

We use a minimal set of cookies:

We do not use third-party advertising cookies, cross-site tracking pixels, or behavioral profiling.

You can clear cookies and localStorage at any time through your browser settings. Clearing the auth cookie will log you out.

6. Data Retention

7. Your Rights

Regardless of your location, you have the right to:

To exercise any of these rights, email privacy@quivra.io. We respond within 30 days.

8. GDPR — EU/EEA Users

If you are located in the European Union or European Economic Area, the following applies under the General Data Protection Regulation (GDPR):

Legal bases for processing:

Data transfers: Your data may be processed in the United States (Railway, Stripe, Anthropic). We rely on standard contractual clauses and the EU-U.S. Data Privacy Framework where applicable.

Data Protection Officer: We do not currently have a formal DPO. Privacy inquiries go to privacy@quivra.io.

Right to lodge a complaint: You may file a complaint with your local data protection supervisory authority.

9. CCPA — California Users

If you are a California resident, the California Consumer Privacy Act (CCPA) and its amendment (CPRA) grant you additional rights:

To submit a CCPA request, email privacy@quivra.io with "CCPA Request" in the subject line. We will verify your identity before fulfilling the request.

10. Security

We take reasonable technical and organizational measures to protect your data, including:

No method of transmission over the internet is 100% secure. If you discover a security vulnerability, please report it responsibly to security@quivra.io.

11. Children's Privacy

The Service is not directed to children under 13 (or under 16 for EU users). We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us at privacy@quivra.io and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, notify you by email or prominent notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

13. Contact Us

For privacy-related questions, data access requests, or complaints: