Be Found Everywhere
Keyword AgentLABsOff-Page AgentPricingBlogContact Us Sign In

Privacy Policy

Last Updated: March 12th, 2026

1. Overview

This Privacy Policy explains how Be Found Everywhere Inc. ("BFEAI," "Company," "we," "us," or "our") collects, uses, stores, and deletes personal information when you use our website and services (collectively, the "Service").

The Service is intended only for individuals 18 years or older.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

For questions about this Privacy Policy or to exercise your data rights, contact us at: privacy@bfeai.com

2. Categories of Data Collected

Account Information

  • Name
  • Email
  • Password hash
  • Phone
  • Company
  • Industry
  • Avatar

Billing Data

  • Stripe subscription records
  • Transaction history
  • Credit balances
  • Cancellation feedback

We do not store full payment card numbers. All payment processing is handled by Stripe, a PCI Level 1 certified payment processor.

Application-Generated Data

  • Keyword research reports
  • Search results
  • SERP competitor metrics
  • Business profiles
  • AI visibility scan data
  • Mention history

Support Data

  • Bug reports
  • Screenshots
  • Communications

Security & Operational Logs

  • Login events
  • IP addresses
  • User agents
  • API usage metrics

3. How We Use Data

We process data to:

  • Provide and maintain the Service
  • Process billing
  • Generate reports
  • Improve functionality
  • Prevent fraud
  • Comply with legal obligations

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

4. Legal Basis (EU/UK)

If you are located in the EU or UK, our processing of your personal data is based on:

  • Contract performance — to provide the Service you signed up for
  • Legitimate interests — to improve our products, prevent fraud, and ensure security
  • Legal compliance — to meet our legal obligations

Where processing is based on consent, you have the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal. To withdraw consent, contact privacy@bfeai.com.

5. Data Retention

We retain personal data only as long as necessary to:

  • Provide services
  • Meet legal obligations
  • Resolve disputes

Upon account deletion:

  • Personally identifiable data is permanently removed
  • Billing records, reports, and files are deleted
  • Logs are anonymized and retained in aggregate form

Specific retention periods:

Data TypeRetention Period
Account informationUntil account deletion
Billing recordsDeleted upon account deletion; aggregate financial records retained as required by law (up to 7 years)
Application-generated data (reports, scans)Until account deletion
Security logsAnonymized after 90 days; aggregates retained for up to 1 year
Support data (bug reports)Until account deletion or issue resolution, whichever is later
API usage and cost logsAnonymized after 90 days; aggregates retained for up to 1 year

6. International Transfers

Data is processed in the United States and other jurisdictions where our service providers operate.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that transfers of personal data to countries outside your jurisdiction are protected by appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Reliance on service providers' compliance frameworks (e.g., Stripe, Supabase, and other providers maintain their own data protection agreements and certifications)

You may request a copy of the applicable transfer safeguards by contacting privacy@bfeai.com.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate or incomplete data
  • Deletion — Request deletion of your personal data
  • Restrict processing — Request that we limit how we use your data
  • Data portability — Request your data in a structured, machine-readable format
  • Object to processing — Object to processing based on legitimate interests
  • Withdraw consent — Where processing is based on consent, withdraw that consent at any time
  • Lodge a complaint — You have the right to lodge a complaint with a supervisory authority in your jurisdiction if you believe our processing of your personal data violates applicable law

To exercise any of these rights, contact us at privacy@bfeai.com. We will respond to verified requests within 30 days (or 45 days if an extension is necessary, with notice).

We will not discriminate against you for exercising any of your privacy rights. You will not receive different pricing, a different quality of service, or be denied service for making a data rights request.

You may designate an authorized agent to submit requests on your behalf. Authorized agents must provide written authorization from the data subject and may be required to verify their own identity.

8. California Rights (CCPA/CPRA)

California residents have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know — Request disclosure of the categories and specific pieces of personal information collected
  • Right to delete — Request deletion of personal information
  • Right to correct — Request correction of inaccurate personal information
  • Right to opt-out of sale or sharing — You may opt out of the sale or sharing of your personal information

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

To exercise your rights, contact privacy@bfeai.com or use the "Do Not Sell or Share My Personal Information" link on our website.

Categories of third parties receiving data:

Third PartyData SharedPurpose
StripeBilling data, emailPayment processing
SupabaseAccount data, application dataDatabase hosting and storage
OpenAI (and other AI providers)User-submitted queries, business profilesAI-powered analysis and report generation
ResendEmail addressTransactional email delivery
DataForSEOSearch queriesSEO data retrieval

Financial incentive disclosure: We may offer introductory pricing (e.g., a $1 trial period). Participation is voluntary, and you may cancel at any time without penalty. The value of the introductory offer is reasonably related to the value of the data collected during the trial period.

9. Cookies

We use cookies for authentication, security, and session management.

We do not currently use advertising or tracking pixels.

Types of cookies used:

CookiePurposeDuration
bfeai_sessionAuthentication (SSO)7 days
bfeai_themeUser theme preferencePersistent

Because our cookies are strictly necessary for the operation of the Service (authentication and security), they do not require opt-in consent under GDPR. We do not use analytics, advertising, or third-party tracking cookies.

10. Security

We implement reasonable technical and organizational safeguards to protect your personal data, including:

  • Encryption in transit (HTTPS/TLS on all connections)
  • Encryption at rest (AES-256 database encryption)
  • Secure password hashing (bcrypt)
  • HTTP-only, secure cookies with domain-scoped access
  • Rate limiting and account lockout protections
  • Row-Level Security (RLS) on all database tables ensuring users access only their own data
  • Security event logging and monitoring
  • Regular security and vulnerability assessments

No system is completely secure. If you believe your account has been compromised, contact privacy@bfeai.com immediately.

11. Data Breach Notification

In the event of a confirmed data breach that affects your personal information, BFEAI will:

  • Notify affected individuals via email within 72 hours of confirming the breach, in compliance with GDPR Article 33 and applicable law.
  • Notify relevant supervisory authorities as required by applicable data protection laws.
  • Provide clear information including:
    • A description of the nature of the breach
    • The categories and approximate number of individuals affected
    • The categories of personal data affected
    • The likely consequences of the breach
    • The measures taken or proposed to address the breach
    • Recommendations for affected individuals to protect themselves
  • Conduct a post-incident review within 14 days to identify root cause and implement remediation measures.

Our full Incident Response Policy governs internal breach handling procedures, including detection, classification, containment, and recovery.

12. Sub-Processors

We use the following sub-processors to deliver the Service:

Sub-ProcessorLocationPurpose
Stripe, Inc.United StatesPayment processing and subscription management
Supabase, Inc.United States (US-East)Database hosting, authentication infrastructure, file storage
Netlify, Inc.United StatesApplication hosting and content delivery
OpenAI, Inc.United StatesAI-powered analysis and content generation
DataForSEOUnited StatesSEO and keyword data retrieval
Resend, Inc.United StatesTransactional email delivery
Upstash, Inc.United StatesRate limiting and security infrastructure

We require all sub-processors to maintain appropriate data protection measures. We will update this list as sub-processors change and notify users of material changes.

13. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, contact privacy@bfeai.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact

If you have questions about this Privacy Policy, wish to exercise your data rights, or need to report a security concern:

Be Found Everywhere Inc. Oaklyn, NJ
Email: privacy@bfeai.com

For EU/UK residents: If you are not satisfied with our response to a data rights request, you have the right to lodge a complaint with your local data protection supervisory authority.

Get Your Business Found Everywhere

Try Both for 7 Days for $1
Be Found Everywhere

Quick links

Home Terms of Use Privacy Policy

Contact

P: 1 (302) 704-2664 E: info@bfeai.com

Follow Us

Facebook Youtube Instagram

Copyright © 2026 All rights reserved. Be Found Everywhere Inc.