Privacy Policy
Mentioned (and its sub-product ShipRank, collectively "Mentioned", "we", "us") runs the AI Visibility Index at mentionedinai.com. This policy explains what we collect, what we do with it, and what we don't.
What we collect
- Audit inputs: business name, optional URL, optional email — provided by you when you run an audit.
- Server logs: IP address, user agent, timestamp, request path. Used for rate limiting and abuse prevention. Retained 30 days then aggregated.
- Payment data: handled exclusively by Stripe. We never see your card number. We receive only your email and Stripe customer ID.
- Cookies: we set one cookie for affiliate attribution (a 90-day referrer code) and one for session rate limiting. No third-party trackers.
What we publish
Audit results are public by design. When you run an audit, the business name, score, and per-engine breakdown are published to a unique share URL like mentionedinai.com/shiprank/score/<token>. The token is unguessable but the URL is public. If you don't want your audit public, use the API with a Pro key — those audits are private.
Email addresses are never published. We use them only to send your report and (if you opt in) product updates.
What we don't do
- We don't sell or share your data with third parties (except as noted: Stripe for payments, our hosting provider for infrastructure).
- We don't use behavioral advertising, third-party trackers, or ad networks.
- We don't fingerprint visitors.
- We don't use your audit content to train any AI models.
Your rights
You can:
- Delete an audit: email hello@mentionedinai.com with the share URL. We'll remove it within 24 hours.
- Export your data: request a copy of everything we have on you. We'll send a JSON file within 7 days.
- Cancel your subscription: via your Stripe billing portal (link in your receipt email) or by emailing us.
GDPR + CCPA
If you're in the EU or California, you have additional rights under GDPR and CCPA respectively (right to access, right to erasure, right to portability, right to object to processing). To exercise any of them, email hello@mentionedinai.com. We respond within the legal timeframes (30 days GDPR, 45 days CCPA).
Children
Our service is not directed at children under 13. We don't knowingly collect data from anyone under 13.
Changes
If we change this policy materially, we'll update the "Last updated" date and notify Pro members by email at least 14 days before the change takes effect.
Contact
Questions about this policy: hello@mentionedinai.com
Mentioned operates from Frederick, MD. Hosting infrastructure is in the United States.