mentioned

Privacy Policy

Last updated: March 5, 2026

1. Introduction

This Privacy Policy describes how [COMPANY NAME], an Oregon limited liability company ("Company", "we", "us", "our"), collects, uses, and protects information when you use Mentioned (the "Service").

By using the Service, you consent to the practices described in this policy. We are committed to protecting your privacy and being transparent about our data practices.

2. Information We Collect

Information you provide directly

  • Account information — name, email address, password
  • Brand configuration — brand names, domains, aliases, competitor domains
  • Billing information — processed and stored by Stripe; we do not store credit card numbers
  • Report configurations — filters, column selections, export preferences
  • User-generated content — mention tags, notes, and annotations

Information collected automatically

  • Usage data — pages visited, features used, time spent, actions taken within the Service
  • Device and browser information — browser type, operating system, screen resolution
  • IP address — and approximate location, for analytics and security
  • Cookies — and similar technologies (see Cookies section)

Information from third-party sources

  • Brand mention data, sentiment analysis, and content categorization from DataForSEO Content Analysis API
  • Backlink data including referring domains, link types, and domain authority from DataForSEO Backlinks API
  • Search ranking data including keyword positions, search volumes, and keyword metrics from DataForSEO Labs API
  • AI visibility data including AI-generated answers and cited sources from DataForSEO AI Optimization API
  • Payment and subscription status from Stripe

3. How We Use Your Information

We use your information to:

  • Provide and operate the Service, including monitoring your configured brands
  • Process scan jobs and collect data from third-party APIs on your behalf
  • Calculate and display analytics, insights, and reports
  • Process billing and manage subscriptions
  • Send email notifications and reports you've configured
  • Communicate with you about your account, service updates, and support
  • Improve the Service through usage analytics
  • Detect and prevent fraud, abuse, or security threats
  • Comply with legal obligations

4. How We Share Your Information

We do NOT sell your personal information.

We share information with:

  • DataForSEO — Brand names, domains, and keywords you configure are sent as API queries to collect monitoring data. DataForSEO processes these queries to return mention, backlink, search ranking, and AI visibility data.
  • Stripe — Billing information is shared with Stripe for payment processing. See Stripe's privacy policy for details.
  • Laravel Cloud / AWS — The Service is hosted on AWS infrastructure. Your data is stored on servers managed by Laravel Cloud.
  • Email providers — If you configure email notifications or email delivery of reports, your email address and report contents are processed by our email service provider.
  • Legal requirements — We may disclose information if required by law, legal process, or government request.
  • Business transfers — In the event of a merger, acquisition, or sale of assets, user information may be transferred to the acquiring entity.

5. Data Storage & Security

  • Data is stored on AWS infrastructure in the United States
  • We use encryption in transit (TLS/SSL) for all connections
  • Database access is restricted and credentials are managed through Laravel Cloud's secure credential injection
  • Passwords are hashed using bcrypt and are never stored in plain text
  • We implement reasonable administrative, technical, and physical safeguards

No method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

  • Account data (name, email) is retained while your account is active
  • Brand monitoring data retention varies by plan: Free (30 days), Starter (90 days), Pro (12 months), Business (2 years)
  • Data exceeding your plan's retention period is permanently deleted on a rolling basis
  • If you delete your account, all associated data is permanently deleted within 30 days
  • Billing records may be retained for up to 7 years for legal and accounting compliance
  • Anonymized, aggregated analytics data may be retained indefinitely

7. Your Rights

You have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate personal data
  • Deletion — Request deletion of your account and associated data
  • Export — Export your monitoring data through the Reports feature
  • Opt-out — Unsubscribe from marketing emails (transactional emails related to your account cannot be opted out of)
  • Restriction — Request that we limit processing of your data in certain circumstances

To exercise these rights, contact us at support@mentioned.app. We will respond within 30 days.

8. Cookies & Tracking

  • We use essential cookies for authentication and session management
  • We use analytics cookies to understand how the Service is used and improve it
  • We do not use advertising cookies or tracking pixels
  • We do not sell data to advertisers or ad networks

You can control cookies through your browser settings, though disabling essential cookies may prevent the Service from functioning properly.

9. International Users

The Service is operated from and data is stored in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States.

By using the Service, you consent to this transfer. We comply with applicable data protection laws to the extent required.

10. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18. If we learn we have collected information from a child under 18, we will delete it promptly.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notification. The "Last updated" date at the top of this page indicates when the policy was last revised.

Continued use of the Service after changes constitutes acceptance.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act. You have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information.

We do not sell personal information. To exercise your California privacy rights, contact us at support@mentioned.app.

13. Contact Information

For privacy-related questions or to exercise your rights, contact us at: