01 Introduction
This Privacy Policy describes how Digital Hubz LLC ("we", "us", "our") collects, uses, and protects personal information when you use OnCited (the "Service"), our marketing website, or otherwise interact with us.
We respect your privacy and aim to handle your data the same way we'd want ours handled — minimally, transparently, and with strong defaults.
02 Data controller
The data controller responsible for your personal information is:
Legal name: Digital Hubz LLC
Registration ID: 405593433
Registered address: Nino Ramishvili street, N31a, Tbilisi, Georgia
Privacy contact: [email protected]
03 Information we collect
We collect the categories of information below.
Information you give us
- Account info: name, work email, company name, role.
- Billing info: billing address, tax ID where required. Card details are handled directly by our payment processor; we never see or store them.
- Tracked-prompt data: the prompts, brand names, competitor names, and URLs you choose to monitor.
- Ranking Service inputs: brand details, source URLs, target topics, voice/tone preferences.
- Support correspondence: messages you send to us via email, chat, or our help desk.
Information we collect automatically
- Usage data: pages viewed, features used, clicks, timestamps.
- Device & technical data: IP address, browser type, operating system, screen size, referrer URL.
- Cookies and similar technologies: see Cookies & tracking.
Information from third parties
- AI engine outputs: we capture publicly available answers and citations from AI engines that respond to your tracked prompts. This data is about your brand and category, not about individuals.
- Payment confirmations: from our payment processor.
- Enrichment data: publicly available company info we may use to pre-fill onboarding.
04 How we use your information
We use personal information to:
- provide, operate, and improve the Service;
- authenticate users and secure accounts;
- process payments and prevent fraud;
- generate visibility reports, action plans, and analytics for you;
- deliver Ranking Service placements you have purchased;
- communicate transactional updates (receipts, security alerts, product changes);
- send marketing emails to subscribers — you can unsubscribe at any time;
- respond to your questions and support requests;
- comply with legal obligations (tax, anti-money-laundering, lawful requests).
05 Legal basis for processing
Where applicable data protection law (including the EU GDPR and the Georgian Law on Personal Data Protection) requires a legal basis, we rely on the following:
| Basis | Used for |
| --- | --- |
| Contract | Operating the Service, processing payments, fulfilling subscriptions and Ranking Service deliverables. |
| Legitimate interests | Securing the Service, preventing abuse, improving features, measuring marketing performance, internal analytics. |
| Consent | Marketing emails to non-customers, non-essential cookies, optional analytics. |
| Legal obligation | Tax, accounting, regulatory reporting, lawful requests from authorities. |
06 Cookies & tracking
We use cookies and similar technologies to keep you signed in, remember preferences, measure performance, and (with your consent) market the Service. You can control non-essential cookies via the in-product cookie banner or your browser settings.
| Category | Purpose | Required |
| --- | --- | --- |
| Essential | Authentication, session, security, fraud prevention. | Yes |
| Functional | Remembering UI preferences (theme, dismissed banners). | No |
| Analytics | Aggregate, privacy-respecting usage measurement. | No |
| Marketing | Attribution of paid campaigns, retargeting (only if you opt in). | No |
07 Sharing & disclosures
We do not sell personal data. We share it only in the following circumstances:
- Service providers (processors): hosting, database, email delivery, analytics, payment processing, customer support tooling. Each is bound by a written data-processing agreement.
- Within your organization: teammates with access to your workspace can see workspace-level data you choose to add.
- Legal compliance: if required by law, court order, or a binding request from a competent authority.
- Business transfers: if Digital Hubz LLC is involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify affected users in advance.
- With your direction: for example, when you publish a placement via our Ranking Service or export a report to a third-party tool.
08 International transfers
We operate from Georgia. Some of our processors (hosting, email, analytics, payments) are located in the European Economic Area, the United Kingdom, the United States, and other jurisdictions. When we transfer personal data outside Georgia or the EEA, we use appropriate safeguards — including the European Commission's Standard Contractual Clauses or equivalent mechanisms — to protect your data.
09 Retention
We keep personal data only as long as we need it.
- Account data: for the life of your account, then for up to 36 months after closure for legal, tax, and audit purposes.
- Tracked-prompt history: kept while the subscription is active; deleted within 90 days of cancellation unless you export or request earlier deletion.
- Billing records: 7 years, to satisfy applicable tax law.
- Marketing contacts: until you unsubscribe or 24 months of inactivity, whichever comes first.
- Support tickets: 24 months after the ticket is closed.
10 Your rights
Subject to applicable law, you have the following rights regarding your personal information:
- Access: request a copy of personal data we hold about you.
- Rectification: ask us to correct inaccurate or incomplete data.
- Erasure: ask us to delete your data (subject to legal exceptions).
- Restriction: ask us to limit how we process your data.
- Portability: receive your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests, including direct marketing.
- Withdraw consent: where processing is based on consent, you can withdraw it any time.
- Lodge a complaint: with the Personal Data Protection Service of Georgia or another competent supervisory authority.
To exercise any of these rights, email [email protected]. We will respond within 30 days. We may ask you to verify your identity before acting on a request.
11 Security
We take security seriously. We use industry-standard safeguards including TLS encryption in transit, encryption at rest for sensitive data stores, role-based access controls, audit logging, secret rotation, and least-privilege access for our team. We undergo independent security reviews and are SOC 2 Type II aligned.
No system is perfectly secure. If we become aware of a personal-data breach affecting you, we will notify you and the relevant supervisory authority where legally required.
12 Children
The Service is not intended for individuals under 18, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.
13 Changes to this policy
We may update this Privacy Policy from time to time. If we make a material change, we will notify you in advance — by email, in-product banner, or other reasonable means. The "Effective" date at the top of this policy will always reflect the latest version.