Privacy Policy
Effective date: 25 May 2026
1. Who we are
ContentGrapher is operated by Daniel K Cheung ("we", "us", "our"). We are the data controller for the personal data described in this policy.
Contact:
- ABN: 97 136 392 116
- Email: privacy@contentgrapher.io
If you have concerns about how we handle your data, you have the right to lodge a complaint with your local supervisory authority (see Section 14).
2. What personal data we collect
We collect personal data in the following ways:
When you create an account (magic link or Google OAuth):
- Email address
- Authentication provider (email magic link or Google)
- Google ID (if you sign in with Google)
When you use the service before signing in:
- Device token — a randomly generated UUID stored in your browser's localStorage, used to track anonymous usage (e.g. free analysis count)
When you submit content for analysis:
- URLs you provide for scraping
- Text content you paste or submit
- Audience specification you provide
- Analysis results stored as structured JSON
When you purchase credits:
- Stripe customer ID (created on your first purchase and stored with your account)
- Payment intent ID, pack type, amount, and credits granted
- Stripe handles your card details directly — we never see or store card numbers
Automatically collected:
- IP address — stored in our rate-limit table for abuse prevention, retained for 30 days
- Session metadata via cookies (see Section 11)
- Analytics data (EEA/UK: where you consent; all other regions: by default) — pages visited, events triggered, session duration, device type, browser, OS, and approximate city-level geographic location. Collected via Google Analytics 4.
3. Legal basis for processing
We rely on the following legal bases under GDPR Article 6(1):
| Processing activity | Legal basis | Detail |
|---|---|---|
| Account creation and authentication | Contract performance (Art. 6(1)(b)) | Necessary to provide the service you signed up for |
| Running content analysis | Contract performance (Art. 6(1)(b)) | Core service delivery — you submit content, we return analysis |
| Storing analysis results | Contract performance (Art. 6(1)(b)) | Enables re-analysis, delta tracking, and sharing features |
| Processing payments | Contract performance (Art. 6(1)(b)) + Legal obligation (Art. 6(1)(c)) | Fulfilling your purchase; retaining records for tax compliance |
| IP-based rate limiting | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is preventing abuse of the free tier and protecting service availability for all users. We limit storage to IP address and request count, retain for 30 days only, and do not use this data for profiling or marketing. |
| Device token (pre-login tracking) | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is enforcing free-tier limits and providing continuity when anonymous users later create an account. The token is a random UUID with no identifying information; it cannot identify you personally without additional data. |
| Anonymised correction records | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is improving the accuracy of the analysis pipeline. Corrections are anonymised before storage — no account identifier, no content text — and cannot be linked back to you individually. You may opt out in your account settings at any time. |
| Analytics (GA4) | Consent (Art. 6(1)(a)) for EEA/UK users; Legitimate interest (Art. 6(1)(f)) for all other regions | EEA and UK users must accept via the consent banner. For non-EEA/UK users, our legitimate interest is understanding how the Site is used to improve it; analytics data is aggregate, not used for profiling, and no individual-level data is retained by ContentGrapher. |
4. How we use your data
We process your personal data for these purposes:
- Authentication — verifying your identity via magic link email or Google OAuth, issuing session tokens, and maintaining your signed-in state.
- Running analysis — sending your submitted content and URLs to our processing pipeline (which includes third-party AI and scraping services) to generate structural completeness reports.
- Billing — creating Stripe customers, processing credit pack purchases, tracking credit balances, and maintaining records for tax obligations.
- Analytics — understanding how visitors navigate and use the Site, identifying usability issues, and informing product decisions. Analytics data is processed in aggregate and not used for individual profiling or advertising.
- Rate limiting — tracking request volume by IP address to prevent abuse and maintain service quality for all users.
- Account continuity — migrating analyses from your anonymous device token to your account when you sign in.
- Sharing — generating time-limited share tokens so you can share analysis reports with others.
We do not use your data for advertising, profiling, automated decision-making with legal effects, or sale to third parties.
5. Analysis corrections
If you choose to flag a classification in your analysis as inaccurate, ContentGrapher records the correction in anonymised form — structural metadata about the correction, with no content text, no account identifiers, and no personally identifiable information included. Anonymised corrections may be used to improve analysis quality for similar topics across the platform. You may opt out of contributing corrections to platform improvement in your account settings.
6. Third-party processors
We share personal data with the following processors, all based in the United States:
| Processor | Purpose | Data shared | Privacy policy |
|---|---|---|---|
| Anthropic (Claude API) | AI-powered content analysis | Submitted content, audience specification, URLs | anthropic.com/legal/privacy |
| Bright Data | Web scraping | Public URLs submitted by users | brightdata.com/privacy |
| Firecrawl | Web scraping | Public URLs submitted by users; page content fetched from those URLs. Processed under Firecrawl's standard terms, which may include brief transient retention per their privacy policy. | firecrawl.dev/privacy-policy |
| Stripe | Payment processing | Email address, payment metadata | stripe.com/privacy |
| Resend | Transactional email delivery | Email address, magic link token | resend.com/privacy-policy |
| OAuth identity provider | Email address, OAuth tokens | policies.google.com/privacy | |
| Google (Analytics) | Site usage analytics | Page views, events, session data, device info, approximate location | policies.google.com/privacy |
| DataForSEO | Search data retrieval | Topic data derived from submitted content | dataforseo.com/privacy-policy |
| Neon | Database hosting | All stored data (encrypted at rest) | databricks.com/legal/privacynotice |
| Vercel | Application hosting and edge runtime | Request metadata, application data in transit | vercel.com/legal/privacy-policy |
7. AI processing disclosure
When you submit content for analysis, your text (or text scraped from URLs you provide) is sent to Anthropic's Claude API for processing. This is the core mechanism that generates your analysis reports.
Specifically, Anthropic receives:
- The text content of the page you are analyzing
- Your audience specification (e.g. "senior developers familiar with React")
- Processing instructions that configure the analysis
Anthropic processes this data under their data processing agreement with us. Per Anthropic's API terms, data submitted via the API is not used to train their models. Your content is processed transiently to generate the analysis response and is not retained by Anthropic beyond their standard API log retention period.
8. International data transfers
All our third-party processors are based in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this means your data is transferred to a country that does not currently have an adequacy decision from the European Commission (note: the EU-US Data Privacy Framework may apply to some processors).
We are in the process of establishing appropriate transfer safeguards with each processor. Where a processor holds current certification under the EU-US Data Privacy Framework (DPF), we rely on that certification as the transfer mechanism. For processors not covered by DPF certification, we are working to execute Data Processing Agreements (DPAs) incorporating Standard Contractual Clauses (SCCs).
9. Data retention
We retain your data for the following periods:
| Data | Retention period | Reason |
|---|---|---|
| Account data (email, IDs) | Until you delete your account | Service operation |
| Analysis results | Until you delete them or request erasure | Core service feature — re-analysis and delta tracking |
| IP rate-limit records | 30 days (rolling window) | Abuse prevention only |
| Magic link tokens | Up to 7 days | Short-lived authentication tokens |
| Session tokens | 7 days | Session duration |
| Share tokens | 90 days from creation | Time-limited sharing feature |
| Search data cache | Up to 60 days | Data minimisation |
| Credit pack records | Duration of account + 7 years after termination | Tax and accounting obligations |
| Device token (localStorage) | Until browser storage is cleared | Anonymous usage tracking |
| Free-tier credits | 12 months from when the device was first registered (first app visit) | Time-limited free allowance; window continues if you later create an account |
| Anonymised correction records | Until you opt out or delete your account | Platform quality improvement; no PII stored |
When you delete your account, we remove your personal data within 30 days, except where retention is required by law (e.g. payment records for tax purposes).
10. Your rights under GDPR
If you are in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:
1. Right of access (Art. 15) — You can request a copy of all personal data we hold about you. Contact us at privacy@contentgrapher.io and we will provide your data in a structured, machine-readable format within 30 days.
2. Right to rectification (Art. 16) — If any data we hold about you is inaccurate or incomplete, you can ask us to correct it. For email changes, contact us at privacy@contentgrapher.io.
3. Right to erasure (Art. 17) — You can request deletion of your account and all associated data. You can do this via the account settings page in the Service, or by emailing privacy@contentgrapher.io. We will complete erasure within 30 days, except where we have a legal obligation to retain certain records (see Section 9).
4. Right to restriction of processing (Art. 18) — You can ask us to temporarily stop processing your data while we resolve a dispute about its accuracy or our legal basis for processing.
5. Right to data portability (Art. 20) — You can request your analysis results and account data in a structured, commonly used, machine-readable format (JSON). Contact us at privacy@contentgrapher.io.
6. Right to object (Art. 21) — You can object to processing based on legitimate interest (IP rate limiting and device token tracking). We will stop processing unless we can demonstrate compelling legitimate grounds. To object, contact us at privacy@contentgrapher.io.
To exercise any of these rights, email us at privacy@contentgrapher.io. We will respond within 30 days. We may ask you to verify your identity before processing your request.
11. Cookies and tracking
We use a minimal set of cookies and browser storage. Full details are in our Cookie Policy. Here is a summary:
Cookies:
| Cookie | Purpose | Duration | Category |
|---|---|---|---|
| session_token | Authentication (keeps you signed in) | 7 days | Strictly necessary |
| oauth_state | CSRF protection during Google OAuth | 10 minutes | Strictly necessary |
| oauth_next | Redirect destination after OAuth | 10 minutes | Strictly necessary |
| device_token | Links anonymous analyses to a device during sign-in flow | 10 minutes (transient cookie) | Strictly necessary |
| _ga | Google Analytics client ID | 2 years | Analytics |
| _ga_G-KGMX6V2YL4 | GA4 session persistence | 2 years | Analytics |
| _gid | GA4 session distinction | 24 hours | Analytics |
localStorage:
| Key | Purpose | Category |
|---|---|---|
| device_token | Anonymous usage tracking UUID | Functional |
| site_theme | UI theme preference (light/dark) | Functional |
Analytics cookies (`_ga`, `_ga_G-KGMX6V2YL4`, `_gid`) are non-essential. EEA and UK users are asked for consent via a banner on first visit. If you decline, these cookies are not set. You can change your preference at any time using the "Cookie settings" link in the footer. Non-EEA users have analytics active by default.
Strictly necessary and functional cookies do not require consent under ePrivacy rules.
12. Children
ContentGrapher is not directed at anyone under the age of 16. We do not knowingly collect personal data from children. Users must confirm they are 16 or older when creating an account.
If we become aware that we have collected data from a user under 16, we will delete their account and associated data promptly. If you believe a child has provided us with personal data, please contact us at privacy@contentgrapher.io.
13. Changes to this policy
We may update this privacy policy from time to time. When we do:
- Minor changes (clarifications, formatting) will be posted here with an updated effective date.
- Material changes (new data collection, new processors, changed retention) will be communicated to you via email at the address associated with your account, at least 14 days before the changes take effect.
We encourage you to review this policy periodically. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.
14. Contact and complaints
Data controller:
- Daniel K Cheung (ABN: 97 136 392 116)
- Email: privacy@contentgrapher.io
Complaints:
If you believe we have not handled your data correctly, you have the right to lodge a complaint with a supervisory authority:
- UK: Information Commissioner's Office (ICO) — ico.org.uk
- EU: Your local data protection authority — list of EEA authorities
- Australia: Office of the Australian Information Commissioner (OAIC) — oaic.gov.au
We would appreciate the opportunity to resolve your concerns directly before you escalate to a supervisory authority. Please contact us first and we will respond within 30 days.
15. Australian Privacy Act
ContentGrapher is subject to the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Daniel Cheung, as the operator, is the entity responsible for handling personal data in accordance with those principles. Australian users who have an unresolved privacy concern after contacting us may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. We will cooperate fully with any OAIC inquiry or investigation.
This policy was last updated on 25 May 2026.