Privacy Policy

Who We Are

AI X-Ray Lab ("we," "us," "our") is an independent AI visibility research laboratory that provides confidential intelligence reports to brands, agencies, and operators. We help you understand how AI models perceive and recommend your brand across ChatGPT, Claude, Gemini, Perplexity, and Copilot.

This Privacy Policy explains how we collect, use, protect, and share information when you use our services at aixraylab.com.

Information We Collect

Information You Provide Directly

• Contact Information: Name, email address, company name, job title
• Business Information: Company website URL, industry, business description
• Research Parameters: Competitor URLs, revenue-related search queries, specific AI model preferences
• Payment Information: Processed securely through Stripe (we do not store credit card details)
• Communication Data: Messages, questions, and feedback you send us

Information We Collect Automatically

• Usage Data: Pages visited, time spent, interactions with our website
• Technical Data: IP address, browser type, device information, operating system
• Analytics Data: Website performance metrics and user behavior patterns

Research Data We Generate

• AI Model Responses: Screenshots and analyses of how AI systems respond to queries about your brand
• Competitive Intelligence: How AI models frame your competitors relative to your brand
• Visibility Scores: Proprietary metrics measuring your AI visibility across different models

How We Use Your Information

Primary Business Purposes

• Deliver Services: Create your AI Visibility Pulse ($47) or X-Ray Report ($497)
• Research & Analysis: Query AI models to understand how they perceive your brand
• Report Generation: Compile findings into executive-ready intelligence documents
• Customer Support: Respond to questions and provide technical assistance

Business Operations

• Payment Processing: Process transactions and send receipts
• Communication: Send order confirmations, delivery notifications, and customer updates
• Legal Compliance: Meet regulatory requirements and protect our business interests
• Service Improvement: Analyze usage patterns to enhance our methodology

What We Don't Do: We do not use your data for marketing to your competitors, we do not sell your information to third parties, and we do not publish case studies or examples using your actual company data without explicit written consent.

How We Share Information

We Share Information Only In These Limited Circumstances:

• With Your Permission: When you explicitly authorize us to share specific findings
• Service Providers: Trusted vendors who help deliver our services (payment processing, email delivery, hosting)
• Legal Requirements: When required by law, court order, or regulatory authority
• Business Protection: To protect our rights, property, or safety, or that of our users

We Never Share:

• Your AI visibility scores with competitors or third parties
• Specific findings from your reports
• Your company's strategic information or competitive intelligence
• Client lists or customer information

Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted to/from our servers uses SSL/TLS encryption
• Access Controls: Strict limitations on who can access client data
• Secure Storage: Data stored on encrypted, access-controlled servers
• Regular Audits: Periodic security reviews and vulnerability assessments
• Payment Security: PCI-compliant payment processing through Stripe

However, no method of transmission over the internet is 100% secure. While we use commercially reasonable efforts to protect your information, we cannot guarantee absolute security.

Data Retention

• Report Data: We retain your reports and underlying research for 2 years to provide ongoing support
• Contact Information: Kept for 3 years or until you request deletion
• Payment Records: Maintained for 7 years for accounting and tax purposes
• Website Analytics: Aggregated, anonymized data retained indefinitely for business insights

You may request deletion of your personal data at any time, subject to legal retention requirements.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Ask us to correct inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit how we process your information
• Objection: Object to processing based on legitimate interests
• Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, contact us using the information provided below. We will respond within 30 days.

International Data Transfers

Our services are provided from the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

Third-Party Services

Our website and services integrate with third-party services that have their own privacy policies:

• Stripe: Payment processing (covered by Stripe's privacy policy)
• Google Analytics: Website analytics (you can opt-out using browser settings)
• Email Service Providers: For service communications and updates

We recommend reviewing the privacy policies of these third-party services.

Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will:

• Post the updated policy on this page with a new "Last Updated" date
• Notify existing customers of material changes via email
• Provide 30 days notice for significant changes affecting your rights

Continued use of our services after changes take effect constitutes acceptance of the updated policy.