Privacy Policy
Effective date: 18 May 2026
1. Who we are
ContentGrapher is operated by Daniel K Cheung ("we", "us", "our"). We are the data controller for the personal data described in this policy.
Contact:
- ABN: 97 136 392 116
- Email: privacy@contentgrapher.io
If you have concerns about how we handle your data, you have the right to lodge a complaint with your local supervisory authority (see Section 14).
2. What personal data we collect
We collect personal data in the following ways:
When you create an account (magic link or Google OAuth):
- Email address
- Authentication provider (magic_link or google)
- Google ID (if you sign in with Google)
When you use the service before signing in:
- Device token — a randomly generated UUID stored in your browser's localStorage, used to track anonymous usage (e.g. free analysis count)
When you submit content for analysis:
- URLs you provide for scraping
- Text content you paste or submit
- Audience specification you provide
- Analysis results (phase1_result, phase2_result) stored as structured JSON
When you purchase credits:
- Stripe customer ID (created on your first purchase and stored with your account)
- Payment intent ID, pack type, amount, and credits granted
- Stripe handles your card details directly — we never see or store card numbers
Automatically collected:
- IP address — stored in our rate-limit table for abuse prevention, retained for 30 days
- Session metadata via cookies (see Section 11)
3. Legal basis for processing
We rely on the following legal bases under GDPR Article 6(1):
| Processing activity | Legal basis | Detail |
|---|---|---|
| Account creation and authentication | Contract performance (Art. 6(1)(b)) | Necessary to provide the service you signed up for |
| Running content analysis | Contract performance (Art. 6(1)(b)) | Core service delivery — you submit content, we return analysis |
| Storing analysis results | Contract performance (Art. 6(1)(b)) | Enables re-analysis, delta tracking, and sharing features |
| Processing payments | Contract performance (Art. 6(1)(b)) + Legal obligation (Art. 6(1)(c)) | Fulfilling your purchase; retaining records for tax compliance |
| IP-based rate limiting | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is preventing abuse of the free tier and protecting service availability for all users. We limit storage to IP address and request count, retain for 30 days only, and do not use this data for profiling or marketing. |
| Device token (pre-login tracking) | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is enforcing free-tier limits and providing continuity when anonymous users later create an account. The token is a random UUID with no identifying information; it cannot identify you personally without additional data. |
| Anonymised correction records | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest is improving the accuracy of the analysis pipeline. Corrections are anonymised before storage — no account identifier, no content text — and cannot be linked back to you individually. You may opt out in your account settings at any time. |
4. How we use your data
We process your personal data for these purposes:
- Authentication — verifying your identity via magic link email or Google OAuth, issuing session tokens, and maintaining your signed-in state.
- Running analysis — sending your submitted content and URLs to our processing pipeline (which includes third-party AI and scraping services) to generate structural completeness reports.
- Billing — creating Stripe customers, processing credit pack purchases, tracking credit balances, and maintaining records for tax obligations.
- Rate limiting — tracking request volume by IP address to prevent abuse and maintain service quality for all users.
- Account continuity — migrating analyses from your anonymous device token to your account when you sign in.
- Sharing — generating time-limited share tokens so you can share analysis reports with others.
We do not use your data for advertising, profiling, automated decision-making with legal effects, or sale to third parties.
5. Analysis corrections
If you choose to flag a classification in your analysis as inaccurate, ContentGrapher records the correction in anonymised form — the topic, audience type, field name, and the values before and after correction. No content text, no account identifiers, and no personally identifiable information is included. Anonymised corrections may be used to improve analysis quality for similar topics across the platform. You may opt out of contributing corrections to platform improvement in your account settings.
6. Third-party processors
We share personal data with the following processors, all based in the United States:
| Processor | Purpose | Data shared | Privacy policy |
|---|---|---|---|
| Anthropic (Claude API) | AI-powered content analysis | Submitted content, audience specification, URLs | anthropic.com/legal/privacy |
| Bright Data | Web scraping (primary) | Public URLs submitted by users | brightdata.com/privacy |
| Firecrawl | Web scraping (fallback) | Public URLs submitted by users; page content fetched from those URLs. Processed under Firecrawl's standard terms, which may include brief transient retention per their privacy policy. | firecrawl.dev/privacy-policy |
| Stripe | Payment processing | Email address, payment metadata | stripe.com/privacy |
| Resend | Transactional email delivery | Email address, magic link token | resend.com/privacy-policy |
| Google | OAuth identity provider | Email address, OAuth tokens | policies.google.com/privacy |
| DataForSEO | SERP data retrieval | Keywords extracted from user content | dataforseo.com/privacy-policy |
| Neon | Database hosting (PostgreSQL) | All stored data (encrypted at rest) | databricks.com/legal/privacynotice |
| Vercel | Application hosting and edge runtime | Request metadata, application data in transit | vercel.com/legal/privacy-policy |
7. AI processing disclosure
When you submit content for analysis, your text (or text scraped from URLs you provide) is sent to Anthropic's Claude API for processing. This is the core mechanism that generates your analysis reports.
Specifically, Anthropic receives:
- The text content of the page you are analyzing
- Your audience specification (e.g. "senior developers familiar with React")
- Structural prompts that instruct the AI on what to evaluate
Anthropic processes this data under their data processing agreement with us. Per Anthropic's API terms, data submitted via the API is not used to train their models. Your content is processed transiently to generate the analysis response and is not retained by Anthropic beyond their standard API log retention period.
8. International data transfers
All our third-party processors are based in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this means your data is transferred to a country that does not currently have an adequacy decision from the European Commission (note: the EU-US Data Privacy Framework may apply to some processors).
We ensure appropriate safeguards for these transfers as follows:
- We are in the process of executing Data Processing Agreements (DPAs) with each processor. Where a processor is not certified under the EU-US Data Privacy Framework, we rely on Standard Contractual Clauses (SCCs) as the appropriate transfer mechanism. See our DPA research document for the status per processor.
Where a processor is certified under the EU-US Data Privacy Framework, we rely on that certification as an appropriate safeguard.
9. Data retention
We retain your data for the following periods:
| Data | Retention period | Reason |
|---|---|---|
| Account data (email, IDs) | Until you delete your account | Service operation |
| Analysis results | Until you delete them or request erasure | Core service feature — re-analysis and delta tracking |
| IP rate-limit records | 30 days (rolling window) | Abuse prevention only |
| Magic link tokens | 15 minutes (functional), row retained 7 days | Short-lived authentication tokens |
| Session tokens (JWT cookie) | 7 days | Session duration |
| Share tokens | 90 days from creation | Time-limited sharing feature |
| SERP cache | 60 days | Reduces redundant external API calls |
| Credit pack records | Duration of account + 7 years after termination | Tax and accounting obligations |
| Device token (localStorage) | Until browser storage is cleared | Anonymous usage tracking |
| Free-tier credits | 12 months from when the device was first registered (first app visit) | Time-limited free allowance; window continues if you later create an account |
| Anonymised correction records | Until you opt out or delete your account | Platform quality improvement; no PII stored |
When you delete your account, we remove your personal data within 30 days, except where retention is required by law (e.g. payment records for tax purposes).
10. Your rights under GDPR
If you are in the EEA, UK, or Switzerland, you have the following rights regarding your personal data:
1. Right of access (Art. 15) — You can request a copy of all personal data we hold about you. Contact us at privacy@contentgrapher.io and we will provide your data in a structured, machine-readable format within 30 days.
2. Right to rectification (Art. 16) — If any data we hold about you is inaccurate or incomplete, you can ask us to correct it. For email changes, contact us at privacy@contentgrapher.io.
3. Right to erasure (Art. 17) — You can request deletion of your account and all associated data. You can do this via the account settings page in the Service, or by emailing privacy@contentgrapher.io. We will complete erasure within 30 days, except where we have a legal obligation to retain certain records (see Section 9).
4. Right to restriction of processing (Art. 18) — You can ask us to temporarily stop processing your data while we resolve a dispute about its accuracy or our legal basis for processing.
5. Right to data portability (Art. 20) — You can request your analysis results and account data in a structured, commonly used, machine-readable format (JSON). Contact us at privacy@contentgrapher.io.
6. Right to object (Art. 21) — You can object to processing based on legitimate interest (IP rate limiting and device token tracking). We will stop processing unless we can demonstrate compelling legitimate grounds. To object, contact us at privacy@contentgrapher.io.
To exercise any of these rights, email us at privacy@contentgrapher.io. We will respond within 30 days. We may ask you to verify your identity before processing your request.
11. Cookies and tracking
We use a minimal set of cookies and browser storage. Full details are in our Cookie Policy. Here is a summary:
Cookies:
| Cookie | Purpose | Duration | Category |
|---|---|---|---|
| session_token | Authentication (keeps you signed in) | 7 days | Strictly necessary |
| oauth_state | CSRF protection during Google OAuth | 10 minutes | Strictly necessary |
| oauth_next | Redirect destination after OAuth | 10 minutes | Strictly necessary |
| device_token | Links anonymous analyses to a device during sign-in flow | 10 minutes (transient cookie) | Strictly necessary |
localStorage:
| Key | Purpose | Category |
|---|---|---|
| device_token | Anonymous usage tracking UUID | Functional |
| site_theme | UI theme preference (light/dark) | Functional |
Opt-out: All cookies listed above are strictly necessary for service operation or functional preferences. We do not use advertising or analytics cookies. Because we do not use non-essential cookies, there is no cookie consent banner — all cookies fall within the "strictly necessary" exemption under ePrivacy rules.
12. Children
ContentGrapher is not directed at anyone under the age of 16. We do not knowingly collect personal data from children. Users must confirm they are 16 or older when creating an account.
If we become aware that we have collected data from a user under 16, we will delete their account and associated data promptly. If you believe a child has provided us with personal data, please contact us at privacy@contentgrapher.io.
13. Changes to this policy
We may update this privacy policy from time to time. When we do:
- Minor changes (clarifications, formatting) will be posted here with an updated effective date.
- Material changes (new data collection, new processors, changed retention) will be communicated to you via email at the address associated with your account, at least 14 days before the changes take effect.
We encourage you to review this policy periodically. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.
14. Contact and complaints
Data controller:
- Daniel K Cheung (ABN: 97 136 392 116)
- Email: privacy@contentgrapher.io
Complaints:
If you believe we have not handled your data correctly, you have the right to lodge a complaint with a supervisory authority:
- UK: Information Commissioner's Office (ICO) — ico.org.uk
- EU: Your local data protection authority — list of EEA authorities
- Australia: Office of the Australian Information Commissioner (OAIC) — oaic.gov.au
We would appreciate the opportunity to resolve your concerns directly before you escalate to a supervisory authority. Please contact us first and we will respond within 30 days.
15. Australian Privacy Act
ContentGrapher is subject to the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Daniel Cheung, as the operator, is the entity responsible for handling personal data in accordance with those principles. Australian users who have an unresolved privacy concern after contacting us may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. We will cooperate fully with any OAIC inquiry or investigation.
This policy was last updated on 18 May 2026.