PilotCitePrivacy Policy
Effective date: June 10, 2026.
This policy explains how PilotCite handles information for its AI visibility monitoring, research, prompt management, and content workflows.
Information we collect
We collect account details, sign-in identifiers, invite-code redemption data, waitlist email submissions, IP address and user-agent metadata, brand profiles, monitored prompts, competitor inputs, research queries, generated content requests, billing status, team membership, usage logs, and support messages or attachments you send us.
How we use information
We use this information to operate PilotCite, monitor AI citation visibility, generate research and content, enforce plan limits, process subscriptions, secure accounts, debug the product, measure service costs, and communicate account or product updates.
Service providers
PilotCite uses Supabase for authentication, database, and private support-attachment storage; Stripe for billing; Vercel for hosting, workflows, and AI Gateway; Sentry for error monitoring; Upstash for cache and rate limits; Resend for email; OpenAI, Anthropic, Google, and Perplexity models for AI processing; SerpApi for search results; and Tavily for page extraction.
AI processing
Prompts, brand details, competitor names, research inputs, extracted page text, and generated-content instructions may be sent to AI or search providers so PilotCite can produce monitoring, research, classification, and content outputs.
Retention
We retain account, billing, prompt, monitoring, research, generated content, and audit data while your account is active or as needed for security, legal, billing, and product integrity. Historical monitoring data may be retained after a prompt is removed from active monitoring.
Your choices
You can update account and brand information in Settings. You can request account deletion, data access, correction, or export from Settings or through the account support channel used for your account. Deletion requests are reviewed before completion so active billing, ownership, and legal retention requirements can be handled safely.
Security
We use authentication, per-brand access controls, rate limits, row-level security, encrypted transport, and restricted service access to protect customer data. No internet service can guarantee absolute security.