Legal
Privacy Policy
Last Updated/Effective Date: July 1, 2026
This Privacy Policy explains how Get Found By Bots LLC ("we," "us," or "our") collects, uses, discloses, and protects information in the course of operating getfoundbybots.com and providing Generative Engine Optimization, local visibility, profile management, audit, monitoring, and related services. It applies to information we handle for our clients, prospective clients, and website visitors.
Information We Collect
Depending on how you interact with us and the services we provide to you, we may collect:
- Business contact information, including name, business email address, phone number, business address, company name, title, and related contact details;
- Website credentials, directory credentials, and platform access credentials that you provide or authorize us to use for the services;
- Business information used to create, claim, update, audit, and optimize profiles, including services, hours, locations, licensure, professional credentials, descriptions, categories, website content, images, and business attributes;
- Publicly available information about your business gathered from search engines, AI search tools, maps, directories, review platforms, industry sources, and your public website;
- Audit data, AI-visibility scoring, directory consistency data, competitive comparisons, service performance information, and related reporting data; and
- Website-usage, communications, and preference information from visitors to our website and recipients of our communications, including device information, browser information, IP address, pages viewed, referral sources, form submissions, cookie or similar technology data, and email engagement information.
Sources of Information
We may collect information from the following sources:
- Information you provide to us directly, including information submitted through our website, email, intake calls, onboarding materials, Statements of Work, questionnaires, support requests, and other communications.
- Information we receive from your authorized users, employees, contractors, representatives, advisors, or other people acting on your behalf.
- Information we obtain from public sources, including your website, search engine results, AI search results, maps, directories, review platforms, professional licensing databases, business registries, social media pages, advertising libraries, and other publicly available sources.
- Information we generate in providing the services, including audit results, AI-visibility observations, profile-change records, ranking observations, directory consistency findings, benchmarking, recommendations, screenshots, notes, reports, and service-performance data.
- Information we receive from service providers and third-party platforms, including hosting providers, analytics providers, email and communication tools, payment processors, customer relationship management systems, project management tools, and third-party platforms we access or manage at your direction.
- Information collected automatically when you use our website or interact with our communications, including IP address, device identifiers, browser type, operating system, pages viewed, referral source, date and time of access, session activity, form interactions, cookie identifiers, and email engagement information.
Client-Provided Information and Controller Responsibilities
Many of our services are performed at the direction of our clients. If you provide information to us, authorize us to access a platform, or ask us to publish, update, audit, or process information on your behalf, you are responsible for confirming that you have the right to provide that information and to authorize our use of it for the requested services.
You are also responsible for providing any notices, obtaining any consents, and satisfying any professional, industry, advertising, confidentiality, privilege, health care, financial, consumer-protection, or privacy obligations that apply to your business, your customers, your patients, your clients, your users, or your industry, except to the extent we expressly agree otherwise in a written agreement.
We may rely on the accuracy, completeness, authority, and lawfulness of information, instructions, approvals, credentials, platform access, and content provided or approved by you or your authorized representatives. We may decline to process or publish information that we believe may be unauthorized, inaccurate, unlawful, deceptive, confidential, regulated, unsafe, or inconsistent with our agreements or policies.
Publicly Available and Public-Facing Information
Our services often involve reviewing, organizing, editing, publishing, submitting, or monitoring information that is publicly available or intended to be made public. Public-facing business information may include business names, professional names, service descriptions, credentials, license information, office locations, telephone numbers, hours, website URLs, images, biographies, categories, descriptions, reviews, ratings, and similar information.
Once information is submitted to a public or third-party platform, it may be indexed by search engines, displayed by AI search tools, copied by third parties, cached, archived, or used by the platform under its own terms and policies. We may not be able to remove, correct, or control information after it becomes public or after it is processed by a third-party platform, search engine, directory, AI tool, or archive.
What We Do Not Collect
We do not intentionally collect personal information about your clients, customers, patients, prospective clients, case participants, or other end users, except to the extent you provide it to us or direct us to process it in writing. We do not collect payment-card information directly; payments are processed by third-party processors. We do not sell personal information or share personal information for cross-context behavioral or targeted advertising, and we do not sell or share your business information with third parties for their own marketing purposes.
Regulated and Sensitive Information
Our services are designed for business visibility and profile management, not for processing legal, medical, financial, consumer-reporting, children's, or other regulated personal information. You should not provide us with confidential client information, protected health information, consumer financial account information, nonpublic personal information, Social Security numbers, driver's license numbers, payment-card data, passwords for accounts we are not managing, or information about children unless the applicable Statement of Work or another written agreement specifically authorizes that processing and sets out the required safeguards. We are not acting as a HIPAA business associate, Gramm-Leach-Bliley Act service provider, or other regulated-data service provider unless we agree to that role in a separate written agreement.
How We Use Your Information
- To deliver, manage, support, improve, and document the services described in your Statement of Work;
- To create, claim, update, verify, optimize, and monitor third-party directory, search, map, review, and platform profiles on your behalf;
- To generate audit reports, AI-visibility assessments, directory consistency reports, benchmarking, and competitive comparisons;
- To communicate with you about services, support, account administration, billing, renewals, security, policy updates, and service-related notices; and
- In anonymized, aggregated, or de-identified form for product development, quality control, benchmarking, analytics, and service improvement, where the information does not identify a particular individual or client.
Additional Business and Commercial Purposes
In addition to the uses described above, we may use information for the following business and commercial purposes to:
- Onboard clients, administer accounts, manage projects, verify instructions, confirm authority to access platforms, and maintain service records.
- Perform website, search, directory, map, profile, review, AI-visibility, and competitive audits.
- Evaluate how businesses appear in search engines, AI search tools, directories, maps, review platforms, and other public or third-party services.
- Create, claim, verify, update, monitor, and manage business profiles and listings at your direction.
- Prepare reports, recommendations, action plans, change logs, service summaries, and similar deliverables.
- Communicate with clients, prospective clients, vendors, service providers, and other business contacts.
- Send service, transactional, administrative, billing, renewal, security, policy, and support communications.
- Send marketing, educational, or promotional communications where permitted and subject to applicable opt-out rights.
- Improve our website, services, workflows, templates, reporting methods, research methods, quality controls, and client experience.
- Test, monitor, troubleshoot, secure, and protect our systems, website, communications, credentials, accounts, and services.
- Prevent, detect, investigate, or respond to fraud, misuse, unauthorized access, platform abuse, security incidents, claims, disputes, or violations of our agreements or policies.
- Comply with law, legal process, regulatory requests, professional obligations, contractual obligations, and internal recordkeeping requirements.
- Evaluate or complete a merger, acquisition, financing, reorganization, sale of assets, transfer of contracts, bankruptcy, or similar business transaction involving all or part of our business.
Automated Tools, AI Outputs, and Human Review
We may use automated tools and AI-enabled services to help collect public information, compare profile information, identify inconsistencies, evaluate visibility, summarize findings, generate drafts, prepare reports, prioritize recommendations, and support service delivery.
AI Tool Use and Model Training
AI-enabled tools may generate incomplete, outdated, inaccurate, biased, or unexpected outputs. We use those outputs as tools to support the services, not as the sole basis for professional, legal, medical, financial, advertising, or regulated determinations. You are responsible for reviewing and approving public-facing claims, regulated-industry content, professional statements, testimonials, advertising copy, profile changes, and other content before it is submitted or published, unless a written agreement says otherwise.
We do not use AI tools to make decisions that produce legal or similarly significant effects about individuals. We do not use personal information to build consumer profiles for eligibility, credit, employment, housing, insurance, health care, legal representation, or similar regulated decisions.
Cookies and Analytics
We may use cookies, pixels, analytics tools, log files, and similar technologies to operate our website, understand website traffic, measure marketing and service communications, protect against misuse, and improve our website and services. You can adjust cookie settings through your browser. Some website features may not work properly if cookies are disabled.
Cookie Categories
Our website may use the following categories of cookies and similar technologies:
- Strictly necessary technologies, which are used to operate the website, remember settings, enable forms, maintain security, and provide features you request.
- Analytics and performance technologies, which are used to understand visits, traffic sources, page views, referral sources, device information, session activity, and how visitors interact with our website and communications.
- Functionality technologies, which are used to remember preferences and improve website operation.
- Marketing and communications technologies, which may be used to understand engagement with our website, emails, and marketing communications. We do not sell personal information or share personal information for targeted advertising as those terms are commonly used in U.S. state privacy laws.
Third-Party Analytics and Tools
We may use third-party analytics, hosting, security, communications, customer management, payment, and website tools. These providers may collect information through cookies, pixels, logs, software development kits, or similar technologies when you interact with our website or communications. Their use of information may be governed by their own terms and privacy policies.
Browser and Device Controls
You can control cookies through your browser settings and device settings. You may also use privacy controls made available by certain browsers, devices, or third-party tools. If a legally required opt-out preference signal applies to us and to the processing at issue, we will honor it as required by applicable law. Some controls are browser-specific or device-specific, so you may need to apply them separately on each browser or device you use.
Do Not Track
Some browsers transmit "Do Not Track" signals. There is no uniform industry standard for how websites should respond to those signals. We currently respond to legally required opt-out preference signals where required by applicable law, but we may not respond to other Do Not Track signals unless required.
Marketing and Email Communications
We may use business contact information to send service-related communications and, where permitted, information about our services. Marketing emails will identify the sender, include accurate subject lines, and include an opt-out method where required. We will honor opt-out requests in accordance with applicable law. Service, transactional, and account-related messages may continue even if you opt out of marketing communications.
How We Share Information
Service Providers and Processors
We may disclose information to vendors, service providers, contractors, consultants, professional advisors, and other processors that perform services for us or on our behalf. These parties may help with hosting, infrastructure, security, analytics, communications, email delivery, customer management, scheduling, payment processing, document storage, project management, automation, AI-enabled services, reporting, accounting, legal services, and other business operations.
We require service providers and processors to use information only for authorized purposes and to protect information using appropriate confidentiality, security, or use restrictions. We may change service providers as our business and services change.
Third-Party Platform Access
If you authorize us to access or manage a third-party account, profile, directory, map listing, review platform, website, search tool, analytics tool, advertising account, or similar service, we may use credentials, tokens, permissions, delegated access, or other access methods you provide or authorize. We may access those platforms to perform the services, troubleshoot issues, verify information, submit changes, monitor visibility, or retrieve information needed for reports.
Your use of third-party platforms remains subject to the applicable platform terms, policies, account settings, privacy controls, advertising rules, review rules, and data practices. We do not control whether third-party platforms approve, reject, modify, display, rank, index, retain, use, or remove submitted information.
Legal, Safety, and Compliance Disclosures
We may disclose information if we believe disclosure is reasonably necessary to comply with law, legal process, subpoenas, court orders, regulatory requests, law enforcement requests, professional obligations, or contractual obligations. We may also disclose information to protect rights, property, safety, systems, credentials, accounts, clients, website visitors, service providers, third-party platforms, or the public.
Business Transactions
We may disclose or transfer information in connection with an actual or proposed merger, acquisition, financing, diligence process, reorganization, sale of assets, transfer of contracts, bankruptcy, receivership, or similar transaction involving all or part of our business. The recipient may use the information consistent with this Privacy Policy and the applicable transaction documents.
No Sale or Targeted Advertising Sharing
We do not sell personal information for money. We do not share personal information for cross-context behavioral advertising or targeted advertising as those terms are commonly used in U.S. state privacy laws. If our practices change, we will update this Privacy Policy and provide any required notice, consent, or opt-out mechanism.
We share information only as needed to provide, operate, secure, and improve the services: with service providers and processors that help us operate, such as hosting, analytics, communications, customer management, security, professional advisors, and payment processors, under confidentiality or use restrictions; with third-party platforms where we create, claim, verify, update, monitor, or manage profiles on your behalf; with parties you authorize us to contact or use in connection with the services; in connection with a business transaction involving our company; and where required by law or necessary to protect rights, safety, or security. We do not sell your information.
Third-Party Platforms
In the course of services, we may access, create, claim, verify, update, or manage profiles on third-party platforms, such as Google, Yelp, BBB, Angi, AI search tools, map services, review platforms, and industry-specific directories. Each platform has its own privacy policy, terms, account controls, advertising rules, review rules, and data practices governing how it handles information submitted to or collected by that platform. We are not responsible for third-party platform practices, and information you or we submit to those platforms at your direction may become public or may be used by those platforms under their own terms.
AI Tools and Automation
We may use automation, analytics, and AI-enabled tools to perform audits, monitor visibility, evaluate public search results, generate reports, and support profile optimization. We limit inputs to information reasonably needed for the services and do not intentionally submit credentials, payment-card information, protected health information, confidential legal-matter information, consumer financial account information, or other regulated personal information to public AI tools unless you specifically authorize that use in writing and appropriate safeguards are in place.
Public Content, Reviews, and Client Responsibility
If you ask us to publish, submit, update, or facilitate public-facing content, you are responsible for confirming that the content is accurate, substantiated, authorized, and appropriate for your business and industry. Public reviews, testimonials, forum posts, and similar content may reveal relationships, transactions, or other information about the person posting them. We do not write customer reviews, script testimonials, create fake reviews, suppress negative reviews, or submit content that we know is unauthorized.
Regulated Industry Clients
Some clients operate in regulated industries, including legal services, health care, elective medical services, addiction treatment, financial services, tax services, home services, and other industries subject to advertising, confidentiality, licensing, consumer-protection, or professional-conduct rules. Our services do not replace your obligation to review and approve claims, testimonials, reviews, advertising, directory listings, profile content, website content, disclosures, and other public-facing content for your own business and industry.
Attorney, Legal, and Professional Services Clients
If you are a law firm, attorney, or other professional-services provider, you are responsible for determining whether public-facing content, testimonials, reviews, directory listings, profile content, case descriptions, practice-area descriptions, claims, disclaimers, and communications comply with applicable professional-conduct rules, advertising rules, privilege obligations, confidentiality obligations, and client-consent requirements. Public reviews and testimonials may reveal that a person sought or received professional services. We do not request, publish, edit, or facilitate reviews or testimonials that we know are unauthorized or inconsistent with your written instructions.
Health Care, Medical, Wellness, and Treatment-Related Clients
If you are a health care, medical, wellness, addiction-treatment, elective medical, or similar provider, you are responsible for determining whether public-facing content, testimonials, reviews, before-and-after content, claims, credentials, locations, service descriptions, and advertising comply with applicable health care privacy, advertising, patient-consent, licensing, professional, and platform requirements. You should not provide protected health information, patient lists, patient communications, diagnosis information, treatment information, or other regulated health information unless we have signed a written agreement that expressly authorizes that processing and sets out required safeguards.
Financial, Tax, and Consumer-Finance Clients
If you provide financial, tax, accounting, credit, debt, insurance, investment, or similar services, you are responsible for determining whether public-facing content, testimonials, reviews, claims, credentials, service descriptions, disclosures, and communications comply with applicable financial, consumer-protection, tax, advertising, licensing, professional, and confidentiality requirements. You should not provide consumer financial account information, credit report information, nonpublic personal information, Social Security numbers, taxpayer identification numbers, or similar regulated information unless we have signed a written agreement that expressly authorizes that processing and sets out required safeguards.
Reviews, Testimonials, and Endorsements
We may help clients understand review-platform mechanics, monitor public reviews, identify public-review trends, or provide general education about review and testimonial practices. We do not create fake reviews, submit reviews under false identities, provide undisclosed incentives for reviews, suppress negative reviews, review-gate customers, or ask customers to make statements that do not reflect their honest experiences.
If you provide or approve testimonials, endorsements, reviews, customer statements, influencer content, affiliate content, or similar materials, you are responsible for confirming that the content is truthful, substantiated, authorized, not misleading, and accompanied by any disclosures required by law, professional rules, platform rules, or industry standards.
Security
- Credentials are stored using commercially reasonable safeguards, and access is limited to personnel and service providers with a business need to support your account;
- We delete or disable access to credentials within a reasonable period after the active term of your engagement ends, unless retention is required by law, security, backup, dispute, or legitimate business needs;
- Audit reports are transmitted to you directly or through approved service channels and are not intentionally stored on public servers.
Security Incidents
If we become aware of a security incident involving information we maintain, we will investigate, take steps designed to address the incident, and provide notices to clients, individuals, regulators, law enforcement, or other parties when required by applicable law or contract.
We use administrative, technical, and organizational safeguards appropriate to the nature of the information we handle, which may include access controls, credential management, encryption where appropriate, staff access limits, vendor controls, and incident response procedures. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
Data Retention
We retain client business information, audit reports, communications, and service records for the duration of the engagement plus two (2) years, unless you request earlier deletion or a longer period is required for legal, tax, accounting, security, backup, dispute, or legitimate business purposes. Credentials are deleted or disabled within a reasonable period after termination of the engagement, subject to the same exceptions.
Credential and Account Access Practices
When you provide credentials or authorize access to third-party platforms, we use those credentials and access permissions only for the services, account administration, troubleshooting, security, or other authorized purposes. You should provide only the access level reasonably needed for the services.
Where available and appropriate, we may use delegated access, role-based access, access tokens, shared workspaces, password managers, multi-factor authentication, or other access-management tools instead of direct password sharing. You remain responsible for maintaining your own account ownership, billing controls, recovery methods, administrator permissions, and backup access for third-party platforms.
You should notify us promptly if an authorized user leaves your organization, if credentials change, if platform access should be revoked, if you suspect unauthorized access, or if you want us to stop using particular credentials or access permissions.
Security Program Limitations
Our security practices are designed for the nature of our business and the information we handle. They are not designed to satisfy regulated-data programs such as HIPAA, GLBA, FCRA, PCI DSS, or comparable regulated-data obligations unless we expressly agree to those requirements in a separate written agreement.
Data Retention Criteria
When deciding how long to retain information, we may consider the nature of the information, the purposes for which it was collected, the duration of our relationship with you, service delivery needs, legal and contractual requirements, tax and accounting obligations, security needs, backup and disaster recovery practices, dispute and enforcement needs, and whether retention is reasonably necessary for legitimate business purposes.
Backups, Archives, and Logs
Information may remain in backups, archives, system logs, audit logs, email records, security records, and similar systems for a period of time after deletion from active systems. We may retain those records where deletion is not reasonably practical or where retention is necessary for security, continuity, legal, compliance, dispute, or backup purposes. We restrict access to such records in accordance with our applicable security practices.
De-Identified and Aggregated Information
We may create or use aggregated, anonymized, or de-identified information for analytics, benchmarking, product development, quality control, research, reporting, service improvement, and similar purposes. We take reasonable steps designed to prevent de-identified information from being associated with a particular individual or client where required by applicable law. We may use and disclose de-identified or aggregated information without restriction unless applicable law or a written agreement provides otherwise.
International Access and Processing
We are based in the United States, and information may be processed in the United States or other jurisdictions where we, our service providers, or third-party platforms operate. Privacy and data protection laws in those jurisdictions may differ from the laws where you are located. By using our website or services, you understand that information may be transferred to and processed in the United States and other jurisdictions, subject to applicable law and our agreements.
Your Privacy Choices and Rights
You may request access to, correction of, deletion of, or a copy of information we maintain about you by contacting us at the address below. You may also ask us to limit or stop certain uses of your information, including marketing communications. We will respond within the period required by applicable law. Depending on your location and our legal obligations, you may have additional rights to appeal a decision, opt out of certain processing, or exercise other privacy rights under applicable privacy laws.
State Privacy Notice
How to Exercise Privacy Rights
You may submit a privacy request by contacting us using the contact information at the end of this Privacy Policy. Your request should describe the right you want to exercise and provide enough information for us to understand, evaluate, and respond to the request.
We may need to verify your identity, authority, residency, relationship to us, or the account or information involved before responding to a request. We may request additional information if reasonably needed to verify or process the request. If we cannot verify the request, we may deny the request or ask for additional information.
Authorized Agents
Where applicable law permits you to use an authorized agent to submit a privacy request, we may require proof that you authorized the agent to act on your behalf. We may also require you to verify your identity directly with us or confirm that you authorized the request, unless applicable law provides otherwise.
Appeals
If applicable law gives you the right to appeal our decision on a privacy request, you may submit an appeal using the contact information at the end of this Privacy Policy. Please identify the original request and explain why you believe our decision should be reconsidered. We will respond to appeals within the period required by applicable law.
Limits on Privacy Requests
Your rights may be limited by applicable law, our legal obligations, our contractual obligations, our role as a service provider or processor, our need to protect rights and security, our need to verify identity or authority, our retention obligations, or the nature of the information at issue. We may retain information as permitted or required by law, including for security, fraud prevention, legal compliance, tax, accounting, dispute, backup, and legitimate business purposes.
If we process information on behalf of a client, we may refer the request to that client or ask that you submit the request directly to the client. We may not be able to respond directly to requests involving information we process only under a client's instructions.
State-Specific Rights
Depending on where you live and whether an applicable privacy law applies to us and to the information at issue, you may have rights to request access, correction, deletion, portability, or a copy of personal information; to opt out of certain processing; to appeal certain decisions; or to limit certain uses of sensitive information.
We do not knowingly sell personal information or share personal information for targeted advertising. We do not process sensitive personal information for purposes requiring a right to limit use unless we provide any notice, consent, or limitation mechanism required by applicable law.
New Jersey Privacy Notice
If the New Jersey Data Privacy Law applies to us and to the information at issue, New Jersey consumers may have rights to confirm processing, access personal data, correct inaccuracies, delete personal data, obtain a copy of personal data, and opt out of certain processing, including targeted advertising, sale of personal data, and certain profiling. Our categories of personal data, purposes of processing, categories of recipients, and contact information are described in this Privacy Policy.
California Notice
If California privacy law applies to us and to the information at issue, California residents may have rights to know, access, delete, correct, and receive information about certain disclosures, and may have rights to opt out of certain sales, sharing, or sensitive-information uses. We do not sell personal information or share personal information for cross-context behavioral advertising. We do not knowingly sell or share personal information of consumers under 16.
Shine the Light
California Civil Code Section 1798.83 permits California residents to request certain information about disclosures of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes without providing any notice or choice required by applicable law.
Certain U.S. state privacy laws may require additional disclosures or rights if they apply to us and to the information at issue. For those purposes, the categories of information we collect, use, and disclose are described above. We use the information for the business and commercial purposes described in this Privacy Policy. We disclose information to the categories of recipients described in "How We Share Information." We do not sell personal information or share personal information for targeted advertising as those terms are commonly used in U.S. state privacy laws. If our practices change, we will update this Privacy Policy and provide any legally required opt-out mechanism.
Children's Privacy
Our website and services are directed to businesses and adults, not to children. We do not knowingly collect personal information from children under 13, and we do not knowingly process personal information of minors in a manner that requires parental or other legally required consent without that consent. If you believe a child has provided personal information to us, please contact us so we can review and delete it as appropriate.
Changes to This Policy
We may update this Privacy Policy from time to time. The "Effective Date" above reflects the most recent version. Material changes will be posted on our website and, where required by law or appropriate based on the nature of the change, we may provide additional notice.
Accessibility and Alternative Formats
We intend for this Privacy Policy to be reasonably accessible. If you need this Privacy Policy in an alternative format, please contact us using the contact information below.
Dispute Resolution; Limitation of Liability
To the fullest extent permitted by law, any dispute, claim, or controversy arising out of or relating to this Privacy Policy, our privacy or data practices, our website, or our services will be resolved by binding arbitration administered by the American Arbitration Association under its applicable rules. The arbitration will take place in New Jersey, unless the parties agree otherwise. The arbitrator will have authority to grant the same individual remedies that a court could grant, subject to the limitations in this Privacy Policy and any applicable written agreement between you and us.
You and we agree that arbitration will proceed only on an individual basis. Neither party may bring or participate in a class, collective, consolidated, private attorney general, or representative action to the fullest extent permitted by law.
To the fullest extent permitted by law, our aggregate liability arising out of or relating to this Privacy Policy, our privacy or data practices, our website, or our services will not exceed the greater of (a) $100 or (b) the amounts paid by you to us for the services giving rise to the claim during the six (6) months before the event giving rise to liability. This limitation applies regardless of the legal theory asserted and even if a remedy fails of its essential purpose.
Nothing in this section limits any rights, remedies, obligations, or regulatory complaint rights that cannot be limited or waived under applicable law. If another written agreement between you and us contains dispute-resolution or liability terms that expressly apply to the same dispute, that agreement will control to the extent of any conflict.
Contact
Get Found By Bots LLC
info@getfoundbybots.com