Privacy Policy

Last updated: March 19, 2026

1. Who We Are

Mentio ("we", "our", "us") operates the GEO Platform available at getmentio.io. We help local businesses improve their visibility in AI-generated responses (ChatGPT, Claude, Perplexity). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website.

2. Data We Collect

We collect information you provide directly to us:

  • Account data: email address, name, business name, city
  • Business data: website URL, business category, services list
  • Payment data: processed via Stripe — we do not store card numbers
  • Usage data: monitoring queries, GEO Score history, report views

We also collect automatically:

  • IP address, browser type, device type
  • Pages visited, session duration, referral source
  • Cookies and similar tracking technologies (see Section 5)

3. How We Use Your Data

  • Provide and improve our GEO monitoring service
  • Calculate and display your GEO Score
  • Send monitoring reports and alert notifications
  • Process payments and manage your subscription
  • Respond to your support requests
  • Comply with legal obligations
  • Analyse aggregate usage patterns to improve the platform

Legal basis (GDPR): We process your data on the basis of contract performance (providing the service), legitimate interests (improving the product, preventing fraud), and your consent (marketing emails, analytics cookies).

4. Data Sharing

We do not sell your personal data. We share it only with:

  • Supabase — database hosting (EU region)
  • Stripe — payment processing
  • OpenAI / Anthropic / Perplexity — AI query processing (only your business name and query text)
  • Vercel — website hosting
  • Google Analytics — anonymised usage statistics

All processors are bound by data processing agreements and comply with GDPR.

5. Cookies

We use the following types of cookies:

  • Strictly necessary: authentication, session management — always active
  • Analytics: Google Analytics 4 with Consent Mode v2 — only with your consent
  • Preference: language and theme settings

You can manage cookie preferences via the banner shown on your first visit, or by contacting us.

6. Data Retention

We retain your data for as long as your account is active. Monitoring history is retained for 24 months. After account deletion, we delete your personal data within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — receive your data in a structured format
  • Restriction — limit how we process your data
  • Objection — object to processing based on legitimate interests

To exercise any right, email us at privacy@getmentio.io. We will respond within 30 days.

8. Security

We implement appropriate technical and organisational measures to protect your data: HTTPS encryption, Row Level Security in our database, regular security audits, and restricted staff access. However, no method of transmission over the internet is 100% secure.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or an in-app notification. The "Last updated" date at the top of this page indicates the most recent revision.

10. Contact Us

For privacy-related questions or to exercise your rights: