Privacy Policy
Updated 8 July 2026
We are an integration layer on top of Google Vertex AI Search. Search, answer generation, and indexing run on Google Cloud infrastructure. This policy describes what data is processed, who is responsible for what, and how data-subject rights are handled.
Roles: who is controller, who is processor
The site owner who embeds the widget is the controller of their visitors' data and their site content. We act as a processor on the owner's behalf, and Google Cloud is a sub-processor (processing inside Vertex AI / Gemini). For the owner's own account (email, payments) we are the controller.
We also process visitor query text to a limited extent for our own purposes — quality metrics and abuse protection; in that narrow part we act as an independent controller. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR) in keeping the service operational, secure, and accurate; we carried out a legitimate-interests assessment (LIA), and this interest does not override data-subject rights.
Payments are handled by Paddle as Merchant of Record: with respect to the payment transaction, Paddle acts as the merchant of record and an independent controller of payment data, not as our sub-processor.
What data is processed
- Site content — the owner's public pages are indexed so answers can be grounded in them.
- Visitor queries — question text is sent to Google Vertex/Gemini to generate an answer.
- Visitor technical data — the IP address is processed transiently in memory for abuse protection and rate limiting and is not stored in logs or a database (data-minimization principle).
- Usage metrics — query counts and answer quality (no content beyond what's needed).
- Owner account — email and billing data (payments are handled by Paddle as Merchant of Record; we don't store card details).
Our public site may use analytics cookies — these are set only with your consent; see the Cookie Policy for details.
Children's Privacy. The service is a B2B product and is not directed to children under 16. We do not knowingly process personal data of children.
Where and how data is processed
Answer generation and indexing run in the selected Google Cloud region under Google's enterprise terms; for EU clients an EU region is selected by default. Under those terms, Google does not use data submitted to Vertex AI and the Gemini API to train its models. We likewise do not use your content or queries to train any models.
The service operator is established in Israel. Transfers of personal data from the EU to Israel rely on the European Commission's adequacy decision for Israel; transfers to Google's services are governed by Google's Cloud Data Processing Addendum and, where needed, Standard Contractual Clauses (SCCs) and/or the EU-US Data Privacy Framework.
AI transparency. Answers are produced by artificial intelligence from indexed content; the widget interface indicates that the AI is answering, and answers carry links to their sources.
Sub-processors
- Google Cloud — Vertex AI Search (Discovery Engine) and Gemini — indexing, search, and answer generation; processing is governed by Google's Cloud Data Processing Addendum. For EU clients' data an EU region is used by default.
- Google Cloud Storage — intermediate staging of extracted text for import into the index (in the same region).
Paddle processes subscriptions and payments as Merchant of Record and, in that role, acts as an independent controller rather than a sub-processor.
A current list of sub-processors is available on request. We give advance notice of planned changes to our sub-processors and provide an opportunity to object.
Retention
Retention periods:
- Visitor IP addresses — not stored: processed only transiently in memory for abuse protection and discarded immediately after the request is handled.
- Visitor query text — 90 days, after which it is anonymized or deleted; aggregated metrics without personal data may be kept longer.
- Indexing artifacts in intermediate storage — deleted on a schedule, typically within 7 days.
- Site index — while the project is active; when a project is closed, the index and related resources are deleted.
- Owner account data — while the account is active; after closure it is deleted, subject to mandatory retention periods (for example, accounting and tax).
Data-subject rights (GDPR / CCPA / Israeli PPL)
Data subjects may request access to their data, its correction, deletion, or restriction of processing, and may object to processing; under the CCPA — to know the categories of data, request deletion, and opt out of a “sale” (we do not sell data). Because the operator is established in Israel, the Protection of Privacy Law (PPL) as amended by Amendment 13 also applies: rights of access and correction, transparency requirements, and notification of serious security incidents to the regulator.
How to submit a request (DSAR). Requests about visitor data are directed to the site owner as the controller — we, as the processor, assist them (locating and deleting data, log clean-up, project deletion). Requests about owner account data should be sent to us via the contact form or to the privacy contact (see the “Contact” section). We respond within the timeframes set by applicable law (under GDPR, generally within one month).
We cannot contract away mandatory GDPR/CCPA/PPL obligations — responsibility is allocated by law.
Security
Data is transmitted over TLS; service-account access follows least privilege. Queries are sanitized and rate-limited before any paid service is called (protection against injection and denial-of-wallet). Projects are isolated: each runs against its own index. We use Google reCAPTCHA Enterprise for bot and abuse detection, which processes visitor interaction signals subject to Google's privacy terms.
In the event of a serious security incident affecting personal data, we notify the competent authority (in Israel, the Privacy Protection Authority, PPA) and, where required by law, affected individuals and the site owner, within the applicable deadlines.
Contact
Service operator (controller): [Operator name], osek no. [osek no.] — a sole proprietor (osek) established in Israel. Address: [address].
Privacy contact: [privacy@DOMAIN] or via the contact form. Send data-subject requests about the owner account to this contact; for visitor data, contact the site owner as the controller (see “Data-subject rights”).
The details in square brackets will be filled in before commercial launch.