Privacy Policy

1. Who we are

F-Brand Score ("we", "us") is operated by [Operator], a self-employed individual registered in Portugal. The service is available worldwide via fbrandscore.ai. Contact for any privacy matter: hello@fbrandscore.ai.

2. What data we collect, and why

We collect only what we need to provide the product. Specifically:

• Account identity — when you sign up via Clerk, we receive your email, name (if you provide one), and a Clerk-assigned user ID. We use this to authenticate you and attribute your analyses, purchases, and subscriptions to your account.
• Brand-URL submissions — when you submit a URL for analysis, we store the URL, the domain, the resulting scores, and a timestamp. This powers the score cache (so re-runs within the cache TTL are free) and your dashboard history.
• Payment information — when you buy a PDF report, payment is processed by Stripe. We never see or store full card numbers; we receive a tokenised payment-intent reference and the fact that the purchase succeeded.
• Email delivery — when we send you a receipt or score-change alert, your email address is shared with our email provider (Resend) for that single delivery. We don't send marketing emails.
• Rate-limit bookkeeping — we keep a row per analyze request (Clerk user ID + timestamp) for 24 hours so we can enforce the free-tier quota. These rows do not contain analysis content.
• Server logs — request method, path, response code, and a correlation ID. No request bodies or user-generated content. Retained for operational debugging.

3. Who else processes your data

We use the following sub-processors. Each only sees the minimum data needed for their function:

• Clerk — authentication, account management, session tokens
• Stripe — payment processing for PDF reports
• Resend — transactional email (receipts, alerts)
• Anthropic, OpenAI, Google, Perplexity, DeepSeek — large language model inference. The brand URL and scraped public data about the brand are sent for scoring; your account identity is not sent to LLM providers.
• AWS / DigitalOcean / Vercel / Cloudflare — hosting, CDN, edge security, object storage for generated PDFs, and (via Cloudflare Web Analytics) the cookieless aggregate page-view metrics described in §7
• Sentry — error tracking. When something crashes on our side, Sentry receives the exception + stack trace so we can diagnose it. Before anything is uploaded we strip authentication tokens, session cookies, request bodies, and webhook signatures — see §9.

All of these are commercial sub-processors with their own privacy policies. We rely on their published GDPR / data-transfer commitments.

4. International data transfers

Most of our sub-processors are headquartered in the United States. Where personal data is transferred outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses, which our sub-processors publish on their own legal pages. If you are in the EEA, UK, or Switzerland, you have the same data-protection rights as if your data stayed within the EEA.

5. How long we keep data

• Account data — for the lifetime of your account; deleted on request.
• Brand analyses — kept indefinitely so your dashboard history works and the cache stays useful. Anonymous analyses (pre-account creation) are tied to a brand row, not your identity.
• Payment records — kept for 7 years to comply with Portuguese tax law.
• Rate-limit rows — older than 30 days are eligible for cleanup.
• Server logs — typically 30 days.

6. Your rights

Regardless of where you are, you have the right to:

• Access the data we hold about you
• Correct any data that's wrong
• Delete your account and associated data (subject to legal retention)
• Receive your data in a portable format
• Object to or restrict processing
• Withdraw consent for any processing that relies on consent

EU/EEA / UK residents: these rights come from the GDPR / UK GDPR. California residents: equivalent rights come from the CCPA. To exercise any of these rights, email hello@fbrandscore.ai — we respond within 30 days.

EU/EEA residents also have the right to lodge a complaint with their local data protection authority (in Portugal: the CNPD).

7. Cookies + analytics

We use only the cookies required for the product to work: a Clerk session cookie after sign-in, and a Stripe checkout session cookie during purchase. We do not use advertising or marketing cookies, and we do not run any third-party analytics that track you across sites.

For aggregate page-view metrics we use Cloudflare Web Analytics. It counts visits without setting cookies and without storing full IP addresses — the beacon sends a small, short-lived hash to Cloudflare's edge so repeat visitors can be deduplicated for a few hours, then that hash is discarded. No cross-site profile is built, no data is sold or shared, and no personal data leaves Cloudflare's infrastructure. Because nothing is stored cross-session and no marketing tracking runs, no cookie-consent banner is shown.

8. Children

The service is not directed at children. We do not knowingly collect personal data from anyone under 16 (the GDPR threshold). If you believe a minor has signed up, email us and we'll delete the account.

9. Security

All traffic is HTTPS. Database connections use TLS. Secrets (API keys, payment credentials) are stored only in the deployment environment, never in the source tree. Access to production is limited to the operator. We do not currently maintain a formal incident-response runbook; that's on the roadmap.

When an error occurs on our servers or in your browser, a diagnostic event is sent to Sentry so we can fix the bug. Before the event leaves our systems we strip: authentication tokens, session cookies, request bodies, and webhook-verification headers (Stripe and Clerk signatures). Full IP addresses and browser cookies are not attached to events by default. Events auto-delete from Sentry after 30 days.

10. Changes to this policy

If we change anything material, we'll update the "last updated" date at the top of this page and notify users by email if the change affects their existing rights or data use. Cosmetic changes don't trigger a notice.

11. Contact

All privacy questions go to hello@fbrandscore.ai. We aim to reply within two business days, faster on rights requests.