Privacy Policy

Effective July 15, 2026

QueryTrace ("QueryTrace", "we", "us") provides a service that tracks how often a company is mentioned by AI models, compares that against competitors, and reports the trend over time. This policy explains what data we collect through querytrace.co and the QueryTrace application, why we collect it, and the choices you have.

The data controller is Anderson Lester UK Limited, 35 Rostrevor Road, Fulham, London, SW6 5AX, United Kingdom. For any privacy question or request, contact [email protected].

Information we collect

We collect the following categories of data:

  • Account data — name, email address, and authentication details, handled by our authentication provider, Clerk, when you sign up or log in.
  • Company profile data — the company name, domain, industry, location, and tagline you enter for the brand you're tracking.
  • Tracked queries and competitors — the questions you configure us to run against AI models, and the names/domains of any competitors you choose to compare against.
  • Mention results — the AI model responses generated from your tracked queries, and the mention, sentiment, quality, and position data we extract from them.
  • Billing data — your subscription plan and status, and identifiers linking your account to our payment processor, Stripe. We never see or store your full card number; Stripe handles that directly.
  • Usage data — basic technical data (such as IP address and browser type) generated by using the site, standard to any web request.

How we use it

  • To run your tracked queries against AI models and generate mention, sentiment, and trend reports.
  • To operate your account, authenticate you, and provide customer support.
  • To process payments and manage your subscription.
  • To maintain the security and reliability of the service.
  • To comply with legal obligations, such as tax and accounting record-keeping.

Who we share it with

We don't sell your data. We share it with the subprocessors that make the service work:

  • Clerk — authentication and account management.
  • Stripe — subscription billing and payment processing.
  • Supabase — hosts our Postgres database (in the EU, eu-west-1 region).
  • AI model providers (e.g. OpenAI, Anthropic, Google) — we send the query text you configure to these providers to generate the responses we analyze for mentions. We do not send your account credentials or billing data to these providers.

We may also disclose data if required by law, or to protect the rights, property, or safety of QueryTrace, our users, or others.

Cookies

QueryTrace uses only the essential cookies our authentication provider, Clerk, sets to keep you signed in — there is no way to disable these and still use the app. We also store your light/dark theme preference in your browser's local storage, which is not a cookie and is never sent to our servers.

We do not currently use analytics, advertising, or marketing cookies. If that changes, we'll update this section and, where required, ask for your consent first.

Data retention

We retain your account and company data for as long as your account is active. If you cancel, we retain it for a limited period in case you resubscribe, then delete it, except where we're required to keep billing records for legal or tax purposes. You can request earlier deletion at any time (see "Your rights" below).

Security

We use industry-standard safeguards to protect your data, including encryption in transit (HTTPS), access controls on our database, and reliance on PCI-compliant payment processing through Stripe so we never handle raw card data. No system is perfectly secure, and we can't guarantee absolute security.

Your rights (GDPR / CCPA and similar laws)

Depending on where you live, you may have the right to access, correct, delete, or export your personal data, restrict or object to certain processing, and withdraw consent where processing is based on consent. To exercise any of these rights, email [email protected]. We'll respond within the time required by applicable law.

Where we process your data based on a contract (providing the service you signed up for) or a legitimate interest (such as keeping the service secure), you can ask us about the legal basis at any time. If you're in the UK and believe we haven't addressed your concern, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). If you're in the EU/EEA, you can lodge a complaint with your local data protection authority instead.

International transfers

We're based in the UK, and our primary database is hosted in the EU (Ireland). Some of our subprocessors, including our AI model providers, may process data in the United States or elsewhere. Where required, we rely on appropriate safeguards for these transfers, such as the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses with the UK addendum.

Children's privacy

QueryTrace is a business tool and is not directed at, or intended for use by, children under 16. We don't knowingly collect personal data from children.

Changes to this policy

We may update this policy from time to time. If we make material changes, we'll notify you by email or with a notice on the site before the change takes effect.

Contact

Questions about this policy or how we handle your data: [email protected].