Privacy Policy

Last updated: April 5, 2026

1. Introduction

Zerpio ("we", "us", or "our") operates getzerpio.com (the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service. By using Zerpio, you agree to the practices described here.

2. Information We Collect

Account information: When you sign up, we collect your name and email address via our authentication provider (Clerk).

Google Search Console data: With your explicit authorization, we access your GSC performance data (queries, pages, clicks, impressions, CTR, and position) to generate SEO reports. We store OAuth tokens — encrypted at rest — to access this data on your behalf.

Payment information: Subscription and billing is handled by Stripe. We do not store credit card numbers. We store your Stripe customer ID and subscription status.

Usage data: We collect standard server logs including IP addresses, browser type, pages visited, and timestamps for security and performance purposes.

3. How We Use Your Information

  • To generate SEO reports and AI-powered recommendations from your GSC data
  • To manage your account, subscriptions, and billing
  • To send transactional emails (report ready, billing receipts)
  • To improve the Service and diagnose technical issues
  • To comply with legal obligations

We do not sell your data to third parties. We do not use your GSC data to train AI models.

4. Data Sharing

We share data only with the following third-party services required to operate Zerpio:

  • Clerk — authentication and user management
  • Neon — database hosting (your data is stored in their infrastructure)
  • Stripe — payment processing
  • Anthropic — AI-powered report generation (query and page data is sent to generate suggestions; Anthropic's data retention policies apply)
  • Google — Search Console API access
  • Netlify — application hosting

5. Data Retention

We retain your account data and reports for as long as your account is active. When you delete your account, we delete your data within 30 days. GSC OAuth tokens are deleted immediately upon disconnecting a site.

6. Security

OAuth tokens are encrypted at rest using AES-256-GCM. All data is transmitted over HTTPS. We use industry-standard practices to protect your information, but no system is completely secure.

7. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. You can revoke Google Search Console access at any time via your Google account settings.

8. Cookies

We use cookies and similar technologies for authentication session management. We do not use tracking or advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy. We will notify you of significant changes by email or by posting a notice on the Service. Continued use after changes constitutes acceptance.

10. Contact

Questions? Email us at privacy@getzerpio.com.