Privacy Policy
This Privacy Policy explains how Krynta (ABN 19 675 134 117) handles personal information collected through krynta.com and our AI Visibility Audit, GEO Fix Pack and Bundle report services. We comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth). If you are in the EU/UK, sections 5 (Your rights), 3 (Sub-processors) and 9 (Contact) describe how to exercise GDPR-equivalent rights.
1. What we collect
- Contact details: name, email, and (optional) industry — entered by you on the report form.
- Your business website URL: which we fetch publicly so we can analyse its content. We respect
robots.txtand do not bypass authentication or paywalls. - Your answers: business size, bottleneck, tools, goals — entered by you on the upgrade or intake form.
- Generated report content: the report we produce for you, stored so you can return to it via the link we email.
- Payment information: handled entirely by Stripe. We never see or store full card numbers — we only receive a payment confirmation and the email you used at checkout.
- Technical data: IP address, user-agent and basic request metadata — used for rate limiting, anti-fraud and debugging. Retained in logs for up to 30 days.
We do not knowingly collect special-category data (health, biometrics, etc.). Don't paste that into the form. We also do not knowingly collect data from anyone under 18 — the Service is intended for business owners and is not directed at children.
2. How we use it
- To generate your GEO Fix Pack report
- To email the report link to you after payment
- To verify and process your purchase
- To respond to support requests you send us
- To maintain and improve the Service, including rate-limiting abusive requests
We do not use your information for advertising and we do not sell it.
3. Who we share it with
We do not sell or rent personal information. We use the following sub-processors to run the Service. Each only receives the minimum information needed to perform its function, and is bound by its own privacy and security obligations:
| Provider | Purpose | Data they receive | Location |
|---|---|---|---|
| Vercel | Web hosting and serverless functions | All request data in transit | USA |
| Neon | PostgreSQL database | Your form inputs, purchase record, generated report | USA / EU |
| Stripe | Payment processing and tax receipts | Your email, billing country and payment details | AU / USA |
| Anthropic (Claude) | Generates the report draft and revision | Your website content and report inputs | USA |
| OpenAI (GPT) | Reviews the draft report for hallucinations | The draft report content (no payment data) | USA |
| Perplexity (Sonar) | Retrieves cited industry research used in your report | Your industry / niche query (no contact data) | USA |
| Google (Gemini) | Optional retrieval / supporting research | Niche or topic query (no contact data) | USA |
| DataForSEO | Pulls live Google data (AI Overview, Local Pack, your Google Business Profile, organic SERP rank) for the AI Visibility Audit | Your business name, website URL, city and service category | USA / EU |
| Google Analytics (GA4) | Site traffic analytics so we can improve the product | Anonymous browser identifiers, page paths, basic device info | USA / EU |
| Google Ads (when configured) | Measures which ads led to a purchase so we can run effective campaigns | A conversion event with the AUD value and Stripe session ID; no personal data | USA |
| Microsoft Clarity | Anonymous session recordings and heatmaps so we can see where to improve the site UX | Anonymised mouse movements, clicks, scrolls; form input is masked. No personal data captured. | USA / EU |
| Resend | Transactional email delivery (report link) | Your email address and report link | USA / EU |
| ImprovMX | Inbound email forwarding for Hello@Krynta.com | Email you send us is forwarded to our inbox | EU |
Cross-border transfer: some of these providers store or process data overseas, including in the United States. By using the Service, you consent to this transfer. We only work with providers that publish industry-standard security and data-protection terms (e.g. SOC 2, GDPR Standard Contractual Clauses).
AI providers and your data: the AI providers above operate under business-tier API agreements that, per their published terms, do not use API inputs to train their public models. Your inputs are still transmitted to and processed by them — if you would not paste a piece of information into a third-party tool, do not paste it into our form.
We may also disclose information where required by law (e.g. valid legal process), to protect our rights, or in connection with a sale or restructure of the business — in which case we will require the recipient to honour this Policy.
4. How long we keep it
- Paid report records: retained for up to 7 years to satisfy Australian tax-record obligations (ATO) and so you can return to your report via the link we emailed. You can request earlier deletion of the report content (we retain a minimal sale record for tax purposes).
- Free teaser submissions: kept for up to 12 months for fraud prevention and product analytics, then deleted.
- Server logs: rotated within 30 days.
- Email correspondence: retained until no longer needed for support / business records, typically 24 months.
5. Your rights
You can ask us to:
- Access the personal information we hold about you
- Correct anything that is inaccurate
- Delete your information (where we are not required to retain it for tax, legal or fraud-prevention reasons)
- Complain about how we have handled your data — first to us, and if not resolved, to the Office of the Australian Information Commissioner (oaic.gov.au)
To exercise any of these, email Hello@Krynta.com. We will respond within 30 days.
6. Security
We use HTTPS across the Site, encrypted connections to our database and payment provider, and access controls on administrative tools. No system is perfectly secure, so if you believe your information has been compromised please contact us immediately.
7. Cookies and tracking
The Site sets essential cookies needed to operate the checkout flow, plus the following analytics and advertising cookies (set via Google's gtag.js, loaded from googletagmanager.com):
- Google Analytics 4 (GA4) — measures aggregate traffic, page views and where visitors came from. We have disabled Google Signals (cross-device advertising profiling) for GA4. Data is retained for 14 months by default. You can opt out with the Google Analytics Opt-out Browser Add-on.
- Google Ads conversion tracking — when active, fires a single conversion event after a successful purchase so we can measure ad performance. The event includes the AUD value and your Stripe session ID; it does not include your name, email, or payment details.
- Microsoft Clarity — captures anonymous session recordings and click/scroll heatmaps so we can identify usability issues. Form inputs are masked by default (we never see what you typed). No personally identifiable information is captured. Data is retained for 365 days. You can opt out at clarity.microsoft.com/privacy.
When you proceed to payment, you are redirected to Stripe's hosted checkout. Stripe sets its own cookies for fraud prevention and session management — see stripe.com/au/privacy. Email links may include a session identifier so we can show you the right report.
If you are in the EU/UK and prefer not to be tracked, you can use Do Not Track in your browser, an ad-blocker, or contact us to request manual deletion of any data tied to a session ID. We do not currently run Meta Pixel, TikTok pixel, or any other third-party advertising tracker.
8. Changes
We may update this Policy from time to time. The "Last updated" date at the top will change when we do. For material changes, we will notify you by email if we have one on file.
9. Contact
Privacy questions or requests: Hello@Krynta.com.