cite-met

    Privacy Policy

    Effective Date: November 17, 2025

    Last Updated: November 17, 2025

    Disclaimer: This policy is comprehensive and based on standard requirements (GDPR, CCPA, PIPEDA). However, you should have a legal professional review this before going live to ensure it matches your specific liability insurance and local laws.

    Welcome to cite-met ("Company," "we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.

    This policy applies to all information collected through our website (https://cite-met.com), our hosting services, our analytics dashboard, and any related services, sales, marketing, or events (collectively, the "Services").

    By using our Services, you agree to the collection and use of information in accordance with this policy.

    1. Information We Collect

    We collect personal information that you voluntarily provide to us, information automatically collected when you use the Services, and information accessed via third-party integrations (such as GitHub).

    A. Personal Information You Provide

    • Account Data: When you register, we collect your name, email address, and authentication credentials.
    • Billing Data: If you purchase a paid plan (Pro, Authority, or Add-on Services), our third-party payment processor (Stripe) collects your payment method details and billing address. We do not store your full credit card information on our servers.
    • Communication Data: Information you provide when you contact support, join our waitlist, or request an audit.

    B. Information from Third Parties (GitHub)

    Our Service relies on integration with GitHub to access your source code for deployment. When you link your GitHub account, we collect:

    • Profile Information: Your GitHub username, avatar, and email address.
    • Repository Access: We access only the repositories you explicitly grant us permission to see. We use this access to clone your code, run our SSG conversion engine, and deploy your website.
    • Commit Data: We log commit messages and timestamps to trigger auto-deployments and update your dashboard status.

    C. Information Automatically Collected (Usage Data)

    When you visit cite-met.com or use our dashboard:

    • Log Data: IP address, browser type, operating system, referring URLs, device information, and timestamps.
    • Cookies: We use cookies to maintain your session and user preferences.

    D. Data We Process on Your Behalf (Analytics)

    This is distinct from your account data. When you host a website on cite-met, we act as a Data Processor for the traffic visiting your website. We collect the following on your behalf to generate your AEO & SEO Analytics Dashboard:

    • Visitor IP Addresses: Used for geographic breakdown (Country/Region) and abuse prevention.
    • User Agents: Used to identify device types (Mobile/Desktop) and specific AI Bots (e.g., ChatGPT-User, Googlebot).
    • Request Paths: Which pages on your site were visited.
    • Referrers: Where your traffic came from (e.g., Direct, Realtor.ca, Google).

    2. How We Use Your Information

    We use the information we collect for the following business purposes:

    1. To Provide the Service:
      • To authenticate your identity via GitHub.
      • To clone, build, convert (CSR to SSG), and host your website.
      • To inject optimization files (llms.txt, sitemap.xml, robots.txt) into your deployment.
      • To manage custom domains and SSL certificates.
    2. To Provide Analytics:
      • To process your website's traffic logs and visualize human vs. AI bot traffic in your dashboard.
    3. To Improve Our Technology:
      • We analyze how AI crawlers interact with the sites we host to refine our AEO (Answer Engine Optimization) algorithms.
    4. To Communicate with You:
      • To send deployment status emails (Success/Failure).
      • To send waitlist invitations, billing receipts, and feature updates.
    5. To Enforce Security:
      • To detect and prevent fraud, abuse, or security incidents (e.g., DDoS attacks).

    3. How We Share Your Information

    We do not sell your personal information. We only share information with the following categories of third parties for specific business purposes:

    • Cloud Infrastructure Providers: We use Cloudflare for content delivery (CDN), DDoS protection, and edge computing. Your website content and traffic logs pass through Cloudflare's network.
    • Payment Processors: We use Stripe to handle all billing and payments.
    • Analytics Services: We may use internal or third-party tools to monitor the performance of the cite-met.com platform itself.
    • Legal Requirements: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.

    4. International Data Transfers

    Headquarters: cite-met is headquartered in Canada.
    Infrastructure: Our infrastructure is distributed globally via Cloudflare.

    If you are accessing our Services from outside Canada, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we share your personal information, in Canada, the United States, and other countries.

    For users in the European Economic Area (EEA) or United Kingdom (UK): We ensure that any international transfers of data comply with the GDPR, utilizing Standard Contractual Clauses (SCCs) or ensuring adequacy decisions are in place.

    5. Data Retention

    • Account Data: We retain your account information as long as your account is active.
    • Source Code: We do not permanently store your source code. We pull it from GitHub to build it, cache the build artifacts (your converted SSG site) for hosting, and retain the artifacts until the next deployment replaces them or you delete the project.
    • Analytics Logs: Detailed raw traffic logs for your hosted websites are retained for a limited period (e.g., 30-90 days) to generate reports, after which they are aggregated or deleted.

    6. Security of Your Information

    We use administrative, technical, and physical security measures to help protect your personal information.

    • Encryption: All data in transit is encrypted via TLS/SSL.
    • Access Control: Access to source code and build environments is strictly limited to automated processes and authorized engineering staff for debugging purposes only.
    • GitHub Tokens: We do not store your GitHub password. We use OAuth tokens which can be revoked by you at any time via your GitHub settings.

    However, please remember that no electronic transmission over the internet or information storage technology is 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

    7. Your Privacy Rights

    Depending on your location, you may have the following rights:

    • Access: Request a copy of the personal data we hold about you.
    • Rectification: Request that we correct inaccurate data.
    • Deletion: Request that we delete your account and all associated data (including hosted projects and analytics history).
    • Revocation of Consent: You can revoke our access to your GitHub repositories at any time by uninstalling the cite-met App in your GitHub settings.

    To exercise these rights, please contact us at privacy@cite-met.com.

    8. A Note for "Vibecoders" & Developers

    Since cite-met modifies your codebase during the deployment process (via SSG injection), please note:

    • Intellectual Property: You retain full ownership of your code and content. cite-met claims no intellectual property rights over the material you provide to the Service.
    • Injected Files: The llms.txt, sitemap.xml, and robots.txt files we generate are owned by you upon generation.

    9. Cookies and Tracking Technologies

    We use cookies to authenticate your session.

    • Essential Cookies: Necessary for the website to function (e.g., logging in).
    • Analytics Cookies: Used to understand how you interact with our dashboard.

    You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use the login features of our Service.

    10. Updates to This Policy

    We may update this privacy policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

    11. Contact Us

    If you have questions or comments about this policy, you may email us at privacy@cite-met.com.

    CTA background

    The Last Step Your Framework Forgot.

    Tools like Lovable and Bolt build the UI. We build the visibility. Close the loop and give your site the voice it deserves.

    Your first month is free. No credit card required.