Privacy Policy

1. Who we are

DarkTraffiK is a product of Agent Smith AI. We are the data controller for personal data collected through this website and the DarkTraffiK application. Contact: hello@agentsmith.uk

2. What data we collect

From the free reveal tool (/reveal): Your email address, your domain, and the automated Signal 1 analysis result for your domain. We do not store GA4 CSV files — they are parsed in your browser and never sent to our servers.

From the DarkTraffiK application: Your email address, account information, workspace configuration, crawler hit data (from your connected JS snippet, server log uploads, or Tesra WordPress plugin), citation check results, and GA4 referral data (if connected via OAuth or CSV upload). Content briefs and draft articles generated through the Action Layer are stored per your workspace.

Automatically collected: Standard server logs including IP addresses, browser type, and pages visited. We use Cloudflare as our network provider — see Cloudflare's privacy policy for their data practices.

3. How we use your data

We use your data to provide the DarkTraffiK service, send transactional emails (scan results, citation reports, product updates you've opted into), and improve the product. We do not sell your data to third parties. We do not use your data to train AI models.

BYOK (Bring Your Own Key): API keys you provide for content generation are used in-flight to call your chosen AI provider and are never stored, logged, or retained after the request completes.

4. Legal basis for processing (GDPR)

We process your data under the following legal bases: contract performance (providing the service you've purchased), legitimate interests (product improvement, security), and consent (marketing communications, which you can withdraw at any time).

5. Data retention

Account data is retained for the duration of your subscription plus 90 days. Reveal tool leads are retained for 24 months. You can request deletion at any time by emailing hello@agentsmith.uk.

6. Third-party processors

We use the following sub-processors: Supabase (database, EU region), Cloudflare (network, edge compute, Workers), Brevo (transactional email), Vercel (application hosting). All processors are bound by data processing agreements.

7. Your rights

Under GDPR you have the right to access, correct, delete, and export your personal data. You also have the right to object to processing and to lodge a complaint with your supervisory authority. To exercise any of these rights, contact hello@agentsmith.uk.

8. Cookies

This website uses minimal cookies — session authentication only. We do not use third-party advertising cookies or cross-site tracking.

9. Changes

We will notify you of material changes to this policy by email (if you have an account) or by posting a notice on this page with an updated date.