Privacy Policy

Last updated: October 2025
Entity: SharePath AI, Inc. (Delaware C Corp)
Address:2500 2nd Street, Unit 401, Long Beach, California, USA
Contact: dev@sharepath.ai

SharePath ("us", "we", or "our") operates the SharePath website and services (the "Service"). This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We will not use or share your information with anyone except as described in this Privacy Policy.

Who We Are

SharePath AI is a Software-as-a-Service (SaaS) company that helps marketing and SEO teams build and automate AI-powered workflows and measure their performance across large language models (LLMs).

We act as a data controller under GDPR/UK GDPR and as a business under the California Privacy Rights Act (CPRA).

If you have any questions, contact us at dev@sharepath.ai.

What Data We Collect

Account & Identity Data

Name, email, password, company, role, workspace, billing contact, and plan details. Used to create and manage your account, provide access, and send service-related notices.

Usage & Activity Data

Feature usage, clicks, pages viewed, timestamps, IP, browser type, and crash logs. Used to improve performance, security, and product reliability.

Content & Workflow Data

Inputs, drafts, prompts, uploaded files, and task metadata (e.g., region, language). Used to generate and deliver workflow outputs to you.

Analytics & Performance Data

Aggregated SEO/LLM visibility data (citations, sentiment, share-of-voice). Used to generate reports and improve features.

Payment & Billing Data

Processed by our payment provider (we don’t store full card details). We retain transaction IDs and invoices for accounting and compliance.

Support & Communication Data

Messages, support tickets, and feedback you send us. Used to respond to your requests and improve customer support.

Marketing & Website Data

Analytics, cookies, and pixels to measure site traffic, user journeys, and marketing performance. Used to understand and improve engagement with our website and emails.

You can control cookies and marketing preferences anytime (see Section 9).

How We Use This Data

We use your data to:

  • Provide and maintain the SharePath AI platform
  • Secure accounts and prevent abuse
  • Respond to inquiries and provide support
  • Improve features and fix bugs
  • Send product updates and marketing emails (if you opt in)
  • Comply with legal obligations (tax, accounting, security)

We do not sell or share personal data for advertising or profiling as defined under the CPRA (https://oag.ca.gov/privacy/ccpa).

Legal Bases for Processing (EU/UK only)

Under GDPR Articles 6(1)(a–f):

PurposeLegal Basis
Account creation, billing, platform useContract (Art. 6(1)(b))
Analytics and service improvementLegitimate Interests (Art. 6(1)(f))
Marketing emailsConsent (Art. 6(1)(a))
Legal compliance (e.g., tax retention)Legal Obligation (Art. 6(1)(c))

You can withdraw consent at any time by clicking “unsubscribe” or emailing dev@sharepath.ai.

Sources:

GDPR text — https://eur-lex.europa.eu/eli/reg/2016/679/oj
UK ICO lawful basis guidance — https://ico.org.uk/for-organisations/guide-to-data-protection/

How Long We Keep Data

We retain data only as long as needed for the purposes above or as required by law:

  • Account & identity data: up to 12 months after closure
  • Workflow data: deleted or anonymized within 90 days of termination
  • Analytics: 24 months (rolling)
  • Billing: 7 years (tax law)
  • Logs: 12 months
  • Marketing: up to 13 months (based on cookie settings)
  • Support records: 24 months

After these periods, data is deleted or anonymized. (GDPR Art. 5(1)(e): storage limitation — https://eur-lex.europa.eu/eli/reg/2016/679/oj

Who We Share Data With

We only share data with trusted vendors (“subprocessors”) that help us operate the service:

  • Cloud hosting: Microsoft Azure (U.S.)
  • AI infrastructure: OpenAI
  • Payments: Stripe
  • Analytics & session tools: Generic third-party analytics and tracking providers

All vendors are contractually bound to data protection and confidentiality standards and meet SOC 2 or ISO 27001-level controls.

International Data Transfers

We host data primarily in the U.S. (Microsoft Azure). When EU/UK data is transferred internationally, we rely on:

Azure also participates in the DPF and implements the SCCs.

Your Rights

Depending on where you live, you may have the right to:

  • Access a copy of your personal data
  • Request correction or deletion
  • Object to certain processing (e.g., marketing)
  • Request data portability
  • Withdraw consent at any time

EU/UK users: You can exercise these rights by emailing dev@sharepath.ai. If unresolved, you can contact your national data protection authority (see EDPB list — https://edpb.europa.eu/).

California residents: You may request access, correction, or deletion at dev@sharepath.ai and opt out of any data “sharing.” Global Privacy Control (GPC) browser signals are honored. (References: CPRA – https://oag.ca.gov/privacy/ccpa; CPPA regulations – https://cppa.ca.gov/regulationshttps://cppa.ca.gov/regulations/)

Cookies and Similar Technologies

We use functional, analytics, and advertising cookies to:

  • Remember your preferences
  • Measure website usage
  • Improve performance
  • Track aggregated campaign metrics

Non-essential cookies are only placed after consent (EU/UK users). You can manage your choices anytime through our Cookie Preferences panel. For details, see our separate Cookie Policy.

Guidance:

Security Practices

We use industry-standard controls to protect data:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access control (RBAC) and MFA
  • Continuous monitoring, backups, and audit logs
  • Subprocessor security reviews aligned with SOC 2/ISO 27001

While we work to protect your data, no online system is 100% secure. If we detect a data breach affecting you, we’ll notify you and relevant authorities within 72 hours (as required by GDPR Art. 33).

Children’s Data

SharePath AI is not directed to or intended for use by children under 16. We do not knowingly collect children’s data. If you believe a child’s data has been submitted, please contact us for deletion.

Changes to This Policy

We may update this policy from time to time. When changes are significant, we’ll notify users by email or in-app notice at least 7 days before they take effect. Continuing to use the platform after that means you accept the new version.

Contact

Email: dev@sharepath.ai
Mail: SharePath AI, 2500 2nd Street, Unit 401, Long Beach, CA, USA

Regional Add-Ons

A. EU/UK Add-On

  • Representative: SharePath AI will appoint an EU/UK Article 27 representative before launch.
  • Complaints: You may contact your national data protection authority (see list: https://edpb.europa.eu/about-edpb/board/members_en).
  • Transfers: Conducted under DPF or SCCs + UK IDTA, as described above.

B. California Add-On (CPRA)

  • We do not sell or share personal data as defined by the CPRA.
  • You have the right to:
    • Know what categories of data we collect
    • Request deletion or correction
    • Opt out of "sale" or "sharing" (not applicable)
  • "Do Not Sell or Share My Personal Information" requests may be sent to dev@sharepath.ai.