How we handle your data

The data controller responsible for your personal data is:

We collect the following personal data when you use our service:

We do not collect payment information, government IDs, or sensitive personal categories as defined by GDPR Article 9.

Your data is used exclusively for:

• Running the AI-readiness audit on the feed URL you provide.
• Generating and delivering your report to your email address.
• Communicating service-related information (e.g. follow-up on your report).
• Preventing abuse through rate limiting (IP address, anonymised).

We do not sell your data, share it with third parties for marketing purposes, or use it for automated profiling that produces legal or similarly significant effects.

• Product feed data is deleted immediately after the analysis is complete.
• Your analysis report (including recommendations) is retained for 7 days, then permanently deleted.
• Your name, company, and email submitted with the analysis form are deleted together with the report after 7 days.
• IP-based rate limit logs are automatically purged after 24 hours.
• If you request an email report or are added to our mailing list, your email and contact record may be retained by our email provider, Resend, for email delivery, unsubscribe, and suppression compliance until you request erasure. To request erasure, contact us at info@optifeed.com.

We use the following third-party services to operate Optifeed. Each has been assessed for GDPR compliance:

Standard Contractual Clauses (SCCs) govern any transfers outside the EEA.

Under GDPR, you have the following rights regarding your personal data:

• Right of access — request a copy of the data we hold about you.
• Right to rectification — ask us to correct inaccurate or incomplete data.
• Right to erasure ("right to be forgotten") — request deletion of your data.
• Right to restriction of processing — ask us to limit how we use your data.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to object — object to processing based on legitimate interest.
• Right to withdraw consent — withdraw your GDPR consent at any time without affecting prior processing.

To exercise any of these rights, contact us at info@optifeed.com. We will respond within 30 days.

If you are unsatisfied with our response, you have the right to lodge a complaint with your national data protection authority (e.g. KVKK in Turkey, ICO in the UK, or your local EU supervisory authority).

Optifeed does not use tracking cookies or third-party analytics that identify individual users. We use Vercel Web Analytics for aggregated, anonymised traffic metrics only.

We implement appropriate technical and organisational measures to protect your data, including encrypted connections (HTTPS/TLS), access controls, and short retention periods. However, no system is 100% secure — please contact us immediately if you suspect a data breach.

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date at the top of this page. Continued use of the service after changes constitutes acceptance of the revised policy.

Questions or requests regarding this Privacy Policy should be directed to: info@optifeed.com