← Back to home

Privacy Policy

Last updated: 2026-01-30

Overview

Needlepick ("we," "our," or "us") is an AI visibility intelligence platform that helps businesses understand how they appear in AI-generated responses. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Information We Collect

Account Information

  • Email address and password (hashed)
  • Company name and domain
  • Billing information (processed by Stripe)

Crawled Data

Our crawler visits publicly accessible web pages on domains you specify. We collect:

  • Page content, titles, and metadata
  • Site structure and internal links
  • Technical SEO signals (schema, headers, performance)

We only crawl domains you authorize. We respect robots.txt directives and rate-limit our requests to avoid impacting site performance.

AI Visibility Data

We query AI models (ChatGPT, Claude, Gemini, Perplexity) with prompts related to your industry to understand how your brand appears in responses. This data includes:

  • AI-generated responses mentioning your brand or competitors
  • Ranking and sentiment analysis of mentions
  • Trend data over time

Usage Data

  • Pages visited within our application
  • Features used and actions taken
  • Device type, browser, and IP address (anonymized)

How We Use Your Information

  • Provide, maintain, and improve our services
  • Generate AI visibility reports and insights for your account
  • Process payments and manage subscriptions
  • Send transactional emails (welcome, password reset, billing)
  • Respond to support requests
  • Detect and prevent fraud or abuse

Data Sharing

We do not sell your personal information. We share data only with:

  • Service providers: Stripe (payments), email providers (transactional email)
  • AI providers: We send anonymized prompts to AI models; no personal data is included in these queries
  • Legal requirements: When required by law or to protect our rights

Data Retention

We retain your data for as long as your account is active. Crawl data and AI visibility reports are retained for 24 months to enable trend analysis. Upon account deletion, we remove your personal data within 30 days, except where retention is required by law.

Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.3) and at rest
  • Regular security audits
  • Access controls and authentication
  • Secure infrastructure hosted in SOC 2 compliant data centers

Your Rights

Depending on your location, you may have rights to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict certain processing

To exercise these rights, contact us at [email protected].

Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or sell data to advertisers. Our analytics are privacy-focused and do not track individual users across sites.

Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or a notice in our application.

Contact Us

Questions about this Privacy Policy? Contact us at:
[email protected]