Privacy Policy

DiscoverAI (“we”, “our”, or “us”) operates the DiscoverAI content discovery and native advertising platform accessible at discoverai.com and related sub-domains (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.

By accessing or using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please discontinue use of the Service.

2.1 Information You Provide Directly

• Account registration — name, email address, company name, job title, and password when you create an account.
• Billing information — payment card details processed securely by our payment processor (Stripe). We do not store raw card numbers.
• Communications — messages you send us via contact forms, support tickets, or email.
• Content — campaigns, sponsored articles, or other content you upload to the Service.

2.2 Information Collected Automatically

• Log data — IP address, browser type, operating system, referring URLs, pages visited, and timestamps.
• Usage data — features used, actions taken within the dashboard, session duration, and click patterns.
• Device data — hardware model, operating system version, unique device identifiers.
• Cookies and similar technologies — see our Cookie Policy for details.

2.3 Information from Third Parties

• Publishers — aggregate audience signals from publisher integrations (contextualised, not personally identified).
• Authentication providers — if you sign in via Google or another OAuth provider, we receive your name and email.
• Analytics partners — aggregated performance data about content recommendations.

We use the information we collect to:

• Provide, operate, and improve the Service.
• Process transactions and send related transactional emails (invoices, receipts).
• Send product updates, security alerts, and support messages.
• Personalise your dashboard and recommendation settings.
• Monitor and analyse usage trends to improve platform performance.
• Detect, prevent, and respond to fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our Terms of Service.
• Send marketing communications where you have given consent (you may opt out at any time).

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:

• Contract performance — processing necessary to provide the Service you have signed up for.
• Legitimate interests — fraud prevention, security, service improvement, and analytics.
• Legal obligation — compliance with applicable laws and regulations.
• Consent — marketing emails and non-essential cookies (where required).

You have the right to access, rectify, erase, restrict, or port your personal data, and to object to processing based on legitimate interests. To exercise these rights, contact us at privacy@discoverai.com.

We do not sell your personal data. We may share it with:

• Service providers — hosting (AWS), payment processing (Stripe), email delivery (SendGrid), analytics, and support tools. These parties process data solely on our behalf.
• Publishers and advertisers — aggregate, anonymised performance metrics only (no personally identifiable information).
• Law enforcement — when required by applicable law, court order, or government authority.
• Business transfers — in connection with a merger, acquisition, or sale of assets, with prior notice to you.

We retain your account data for as long as your account is active or as needed to provide the Service. After account deletion, we retain anonymised analytics data indefinitely and personally identifiable data for up to 90 days before secure deletion, unless a longer period is required by law.

We implement industry-standard security measures including TLS/SSL encryption in transit, AES-256 encryption at rest, regular penetration testing, and strict access controls. While we take every reasonable precaution, no method of transmission over the Internet is 100% secure.

Your data may be transferred to and processed in countries other than your own. Where we transfer personal data from the EEA, we rely on Standard Contractual Clauses (SCCs) or adequacy decisions approved by the European Commission.

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the Service at least 30 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy, please contact our Data Protection team:

• Email: privacy@discoverai.com
• Address: DiscoverAI, Inc., 100 Market Street, Suite 300, San Francisco, CA 94105, USA
• Data Protection Officer: dpo@discoverai.com