Data Processing Addendum
Last updated: July 2026
This Data Processing Addendum ("DPA") forms part of the Terms between Seencite ("Processor", "we") and the customer ("Controller", "you") and governs our processing of personal data on your behalf in connection with Seencite (the "Service"). Where the GDPR, UK GDPR, or CCPA/CPRA applies, this DPA reflects the parties' agreement on data protection. A countersigned copy is available on request at hello@seencite.com.
1. Roles
You are the Controller (or processor acting for your own customers) of the personal data contained in the sites and content you instruct us to crawl and analyze. We act solely as your Processor and process that data only on your documented instructions, including as set out in the Service and this DPA.
2. Subject matter & nature of processing
- Subject matter — providing AI-visibility measurement, auditing, fix generation, and reporting.
- Duration — for the term of your subscription, plus limited retention as described in our Privacy Policy.
- Nature & purpose — crawling public pages you authorize, storing and analyzing their content, querying third-party AI engines, and returning results to you.
- Categories of data — account contact details; and any personal data that happens to appear in the public web pages you instruct us to crawl.
- Data subjects — your personnel/users, and individuals referenced on the public sites you submit.
3. Our obligations
- Process personal data only on your documented instructions.
- Ensure persons authorized to process are bound by confidentiality.
- Implement appropriate technical and organizational security measures (Section 6).
- Assist you, taking into account the nature of processing, with data-subject requests and with your security, breach-notification, and DPIA obligations.
- Notify you without undue delay after becoming aware of a personal-data breach.
- At your choice, delete or return personal data at the end of the Service, subject to legal retention.
- Make available information necessary to demonstrate compliance and allow for reasonable audits.
4. Sub-processors
You authorize us to engage sub-processors to provide the Service. Current sub-processors include Cloudflare (hosting, database, storage, and edge compute), Stripe (billing), our transactional-email provider, and the AI engine/API providers we query on your instruction (e.g. Anthropic, OpenAI, Perplexity, Google). We impose data-protection terms on each sub-processor no less protective than this DPA, and will give notice of intended changes so you can object. A current list is available at hello@seencite.com.
5. International transfers
Where processing involves transfers of personal data out of the EEA, UK, or Switzerland, such transfers are governed by an appropriate transfer mechanism (e.g. the EU Standard Contractual Clauses and the UK Addendum), which are incorporated into this DPA by reference where applicable.
6. Security
We maintain measures including encryption in transit, access controls and least-privilege, tenant isolation (every record is scoped to your organization), hashed credentials, secrets management, and audit logging of privileged actions. Details are summarized on our Methodology and Privacy pages.
7. Data-subject requests
Taking into account the nature of the processing, we will assist you by appropriate technical and organizational measures, insofar as possible, to respond to requests to exercise data-subject rights. You can export or delete project and account data from within the Service or by contacting us.
8. Deletion & return
On termination, we delete or return personal data processed on your behalf within a commercially reasonable period, except where retention is required by law. Crawled page content and derived analysis are deleted with the associated project.
9. Liability & precedence
This DPA is subject to the limitations of liability in the Terms. If there is a conflict between this DPA and the Terms on data protection, this DPA prevails. This is a good-faith summary DPA; have your counsel review it before relying on it for a regulated workload.
10. Contact
Data-protection questions or to request a signed copy: hello@seencite.com.

