Privacy Policy

Cited Brands (Pty) Ltd ("we", "us") processes personal information in line with the Protection of Personal Information Act, 2013 (POPIA). This policy describes what we collect, why, and how we keep it safe.

1. What we collect

• Form submissions: name, work email, brand, and message when you request a demo or download the Index Report.
• Analytics: anonymised usage data (page views, click paths) via PostHog (EU region) and Google Analytics 4. No PII captured by default.
• Cookies: see Cookie policy.
• Public brand citation data: URLs cited by ChatGPT, Claude, Gemini, Perplexity, and Google AI Overviews. Observational data on publicly published content — no personal information.

2. Why we collect it

• To respond to demo requests and operate your subscription.
• To send the SA AI Citation Index Report quarterly to opted-in subscribers.
• To improve product quality (anonymised analytics).
• To meet our regulatory and legal obligations.

3. Where it lives (POPIA §72 — cross-border)

We use Microsoft Azure (EU region) for primary data storage. Some operational tools (Anthropic, OpenAI, Google AI APIs; PostHog; Cloudflare) are headquartered in the US or operate global infrastructure. We rely on POPIA §72 cross-border transfer mechanisms (standard contractual clauses, adequate-protection assessments) for these flows.

4. How long we keep it

• Demo / form submissions: 24 months from last contact.
• Customer records: duration of the contract plus 5 years (tax compliance).
• Analytics: rolling 14 months, then aggregated.

5. Your rights

Under POPIA you have the right to access, correct, or delete your personal information, object to processing, and lodge a complaint with the Information Regulator. To exercise any of these rights, contact our Information Officer at privacy@citedbrands.co.za.

6. Contact

Information Officer: privacy@citedbrands.co.za. Cited Brands (Pty) Ltd, South Africa.