outwrite.ai Privacy Policy

    Effective Date: January 15, 2025

    outwrite.ai ("we," "our," or "us") is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our LLM-optimized content generation platform and services.

    By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Services.

    Google OAuth Compliance Statement

    outwrite.ai's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use Google user data to provide authentication services and account creation, and we do not use this data for any other purposes.

    1. Information We Collect

    a. Authentication and Account Information

    Email/Password Registration: When you create an account, we collect your email address, full name, and encrypted password.

    Google OAuth: If you sign in with Google, we receive your email address, full name, and Google user ID. We only use this information for authentication and account creation - no other Google data is accessed or stored.

    Profile Data: We store your user ID, email, full name, avatar URL, subscription tier, subscription status, and billing period information.

    b. Content and Project Data

    Generated Content: All content you create, including titles, content body, content type, SEO scores, readability scores, keyword density analysis, and workflow metadata.

    Content Projects: Project names, descriptions, target keywords, target audience, content type, status, priority levels, and due dates.

    Content Meta: Meta descriptions, meta keywords, and SEO optimization data for your content.

    Performance Analytics: Content performance scores, recommendations, and optimization metrics.

    c. Usage and Analytics Data

    Detailed Usage Tracking: We track every action you take on our platform including content generation events, content optimization requests, photo searches, meta description generation, and subscription-related events.

    System Data: Browser type, device information, IP address, session duration, pages visited, and feature usage patterns.

    Performance Monitoring: Error logs, load times, and technical performance metrics to improve our service.

    d. WordPress Integration Data

    Connection Details: WordPress site URLs, site names, authentication types, and usernames.

    Encrypted Credentials: WordPress passwords and application passwords are encrypted using industry-standard encryption before storage.

    Taxonomies: WordPress categories and tags that you use, along with usage frequency and last used dates.

    e. Payment and Subscription Data

    Billing Information: Processed through Stripe, including customer ID, subscription status, billing cycles, and payment history.

    Usage Limits: Monthly content generation counts and subscription tier limits to enforce plan restrictions.

    f. Client and Business Profiles

    Business Information: Company names, value propositions, brand voice, and brand guidelines you provide.

    Marketing Data: Target personas, competitive messaging, content goals, and messaging frameworks.

    g. Cookies and Tracking Technologies

    Authentication Cookies: Session tokens and JWT authentication cookies to keep you logged in.

    Preference Cookies: Theme preferences, language settings, and user interface customizations.

    Analytics Cookies: Usage patterns and feature adoption metrics (anonymized where possible).

    2. How We Use Your Information

    Primary Service Functions

    • Content Generation: Using AI services to generate SEO-optimized content based on your inputs
    • Content Optimization: Analyzing and improving existing content for better search engine performance
    • SEO Analysis: Providing performance scores, keyword analysis, and optimization recommendations
    • WordPress Integration: Publishing content directly to your WordPress sites using your authenticated credentials
    • Image Services: Searching and licensing relevant images through Pexels for your content

    Account and Service Management

    • User authentication and account security
    • Subscription management and billing through Stripe
    • Usage tracking to enforce plan limits and prevent abuse
    • Customer support and technical assistance
    • Service communications, updates, and important notices

    Service Improvement and Analytics

    • Analyzing usage patterns to improve features and user experience
    • Monitoring system performance and detecting technical issues
    • Understanding feature adoption to guide product development
    • Generating aggregated, anonymized insights about content trends

    Legal and Security

    • Complying with legal obligations and law enforcement requests
    • Detecting and preventing fraud, abuse, or security threats
    • Enforcing our Terms of Service and Acceptable Use Policy
    • Protecting the rights and safety of our users and the public

    3. Data Sharing and Third-Party Services

    We do not sell, rent, or trade your personal data. However, to provide our services, we share certain data with trusted third-party providers under strict data processing agreements:

    Essential Service Providers

    Supabase (Database & Authentication)

    Hosts our database and provides authentication services. All your account, content, and usage data is stored on Supabase servers in the United States.

    Stripe (Payment Processing)

    Processes payments and manages subscriptions. Receives billing information, email addresses, and payment details necessary for subscription management.

    OpenAI & Google AI (Content Generation)

    Your content prompts and generation requests are sent to AI providers to generate optimized content. No personal identification information is included in these requests.

    Pexels (Image Services)

    Your image search queries are sent to Pexels to find relevant stock photos. No personal data is shared beyond the search terms you provide.

    OpenRouter (AI Model Access)

    Alternative AI model provider for content generation. Receives content generation requests without personal identification data.

    Legal Disclosures

    We may disclose your information when required by law or in the good-faith belief that such action is necessary to:

    • Comply with legal processes, subpoenas, or court orders
    • Respond to claims of violation of third-party rights
    • Protect the rights, property, or safety of outwrite.ai, our users, or the public
    • Prevent or investigate possible wrongdoing in connection with our services

    Business Transfers

    In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the new entity. You will be notified of any such change and of your options regarding your data.

    Important Note About AI Services

    When you use our content generation features, your prompts and content inputs are sent to AI providers (OpenAI, Google AI, etc.) to generate responses. While we don't include personal identification data in these requests, please be mindful of including sensitive business information in your content prompts.

    4. Data Retention and Deletion

    Account Data

    We retain your account information (profile, subscription data) as long as your account remains active or as needed to provide services, resolve disputes, and comply with legal obligations.

    Content and Project Data

    All generated content, content projects, performance analytics, and related data are retained while your account is active. Upon account deletion, this data is permanently removed within 30 days.

    Usage and Analytics Data

    Usage events and analytics data may be retained for up to 2 years for service improvement and fraud prevention purposes. This data is anonymized after 6 months.

    WordPress Integration Data

    WordPress credentials and connection details are immediately deleted when you disconnect a WordPress site or delete your account.

    Payment Data

    Payment information is processed and retained by Stripe according to their data retention policies. We only store subscription status and billing period information, which is deleted upon account termination.

    Legal and Compliance

    In some cases, we may be required to retain certain data for longer periods to comply with legal obligations, resolve disputes, or enforce our agreements.

    5. Security Measures

    Technical Safeguards

    • Encryption: All data is encrypted in transit using HTTPS/TLS and at rest using industry-standard encryption
    • Authentication: Secure JWT-based authentication with automatic token refresh
    • Database Security: Row-Level Security (RLS) policies ensure users can only access their own data
    • Credential Protection: WordPress passwords are encrypted using strong encryption before storage
    • API Security: All API endpoints require proper authentication and authorization

    Access Controls

    • Strict access controls limiting who can access user data
    • Regular security audits and penetration testing
    • Employee access is logged and monitored
    • Principle of least privilege for all system access

    Infrastructure Security

    • Hosted on secure, SOC 2 compliant infrastructure (Supabase)
    • Regular security updates and patches
    • DDoS protection and threat monitoring
    • Automated backups with encryption

    Incident Response

    We have established procedures for detecting, responding to, and notifying users of security incidents. In the event of a data breach affecting personal information, we will notify affected users within 72 hours and relevant authorities as required by law.

    Security Limitation

    While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security and are not responsible for unauthorized access due to circumstances beyond our reasonable control.

    6. International Data Transfers

    Data Processing Locations

    Your data is primarily processed and stored in the United States through our service providers:

    • Supabase: Database and authentication services (US-based infrastructure)
    • Stripe: Payment processing (US and EU infrastructure)
    • OpenAI/Google AI: Content generation services (US-based)
    • Pexels: Image services (global CDN infrastructure)

    Legal Basis for Transfers

    For users outside the United States, including EU/EEA residents, we rely on:

    • Standard Contractual Clauses (SCCs) with our service providers
    • Adequacy decisions where applicable
    • Your explicit consent for service provision
    • Necessity for contract performance

    GDPR Compliance

    For EU/EEA users, we comply with the General Data Protection Regulation (GDPR), including:

    • Lawful basis for processing (consent, contract, legitimate interests)
    • Data minimization and purpose limitation
    • Right to data portability and erasure
    • Data Protection Impact Assessments (DPIAs) where required
    • Appointment of Data Protection Representatives where necessary

    7. Your Privacy Rights and Controls

    Universal Rights (All Users)

    • Access: View and download your personal data through your account dashboard
    • Correction: Update your profile information, business details, and preferences
    • Deletion: Delete your account and all associated data through account settings
    • Data Portability: Export your content and projects in standard formats
    • Communication Preferences: Opt out of non-essential emails and notifications

    Enhanced Rights (EU/EEA, California, and other regions)

    • Right to Information: Detailed information about how your data is processed
    • Right to Rectification: Correction of inaccurate personal data
    • Right to Erasure ("Right to be Forgotten"): Deletion in specific circumstances
    • Right to Restrict Processing: Limit how your data is used
    • Right to Object: Object to processing based on legitimate interests
    • Right to Data Portability: Receive data in a machine-readable format
    • Right to Withdraw Consent: Withdraw consent for optional processing
    • Right to Lodge Complaints: File complaints with data protection authorities

    How to Exercise Your Rights

    Through Your Account: Most data management can be done directly in your account dashboard, including profile updates, content deletion, and account termination.

    Contact Us: For complex requests or questions, email us at support@outwrite.ai with "Privacy Rights Request" in the subject line.

    Response Time: We will respond to requests within 30 days (or as required by applicable law).

    Identity Verification: We may request additional information to verify your identity before processing requests.

    Limitations

    Some rights may be limited by:

    • Legal obligations to retain certain data
    • Ongoing disputes or legal claims
    • Technical limitations in data separation
    • Protection of other users' rights and privacy

    8. Age Restrictions and Children's Privacy

    Our services are designed for business and professional use and are not directed to individuals under 13 years of age. We do not knowingly collect personal information from children under 13.

    Age Requirements

    • Minimum Age: Users must be at least 13 years old
    • Parental Consent: Users under 18 must have parental consent to use our services
    • Business Context: Our services are intended for business and professional content creation

    If We Discover Child Data

    If we become aware that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected such information, please contact us immediately.

    9. California Privacy Rights (CCPA/CPRA)

    California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

    California-Specific Rights

    • Right to Know: Categories and specific pieces of personal information collected
    • Right to Delete: Request deletion of personal information
    • Right to Correct: Request correction of inaccurate personal information
    • Right to Opt-Out: Opt out of sale or sharing of personal information
    • Right to Limit: Limit use of sensitive personal information
    • Right to Non-Discrimination: Not receive discriminatory treatment for exercising rights

    Important Notice

    We do not sell or share personal information as defined by the CCPA. We do not use or disclose sensitive personal information for purposes other than those specified in the law.

    10. Changes to This Policy

    We may update this privacy policy periodically to reflect changes in our practices, services, or legal requirements.

    How We Notify You

    • Material Changes: Email notification and prominent dashboard notice
    • Minor Updates: Updated effective date and notice in your account
    • Legal Changes: Immediate notification if required by law

    Your Options

    If you disagree with material changes to this policy, you may discontinue using our services and delete your account. Continued use after notification constitutes acceptance of the updated policy.

    11. Contact Information

    General Contact

    Email: support@outwrite.ai

    Address: 40 Hummock Rd., Quincy, MA 02171

    Business Hours: Monday-Friday, 9:00 AM - 5:00 PM EST

    Privacy-Specific Inquiries

    Privacy Requests: Include "Privacy Rights Request" in the email subject

    Data Protection Questions: Include "Data Protection Inquiry" in the subject

    Security Incidents: Include "Security Incident" in the subject for urgent matters

    EU/EEA Data Protection

    For EU/EEA residents, if you're not satisfied with our response to your privacy inquiry, you have the right to lodge a complaint with your local data protection authority.

    Response Commitment

    We commit to responding to all privacy-related inquiries within 30 days of receipt. For urgent security matters, we aim to respond within 24-48 hours.

    Last updated: January 15, 2025

    Version: 2.0

    Policy ID: OUTWRITE-PP-2025-001