Toutmark ("we," "our," "us," or "Company") is an AI citation and AI visibility agency (also known as AI-era SEO). This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data.
Scope: This policy applies to customers of Toutmark's services and users of toutmark.com and related services. Services are US-only; we serve US jurisdiction exclusively in this phase.
1. Information We Collect
Customer Account Data
- Identification: Full name, email address, company name, business role
- Billing: Name, email, and billing information processed by Stripe
- Site Information: Website URLs, domain names, primary CMS/hosting platform
- Brand Data: Mission statements, taglines, voice guidelines, FAQs, team details
- Spokesperson Profile (HARO + Press Releases): For each authorized spokesperson the customer designates: full name, job title, work email, 1–2 sentence bio, narrowly-scoped expertise areas (3–8 topics), optional list of prior publications/podcasts, optional LinkedIn URL, optional sample prior quotes used as tone references for drafting, the customer-selected approval mode (full_auto_approve / batch_at_onboarding / per_pitch_required), and an optional backup spokesperson record. For Enterprise customers, additional press-release fields: approver name/title/email, About-us boilerplate, media-contact block (name, title, phone, email), preferred EIN distribution category, geographic-targeting preference.
- Compliance Contact (Regulated Customers Only): For customers in regulated industries (RIA/BD, healthcare, legal, insurance, finserv-non-securities, crypto, real estate, telehealth, MLM, tax/CPA), we collect a designated Chief Compliance Officer or compliance reviewer's name, title, and email so we can route every HARO pitch and press release to them for sign-off before submission.
- Customer Approval Records: Timestamps and channel (dashboard click vs. email reply) of every Approve/Reject/Edit action customers (or their designated reviewers) take on HARO pitches and press releases drafted on their behalf. Used both for operational coordination and for regulator-discoverable audit trails.
- Credentials: OAuth tokens and API keys (e.g., Ghost Admin API) you provide directly — encrypted with AES-256-GCM in Cloudflare KV storage with a 180-day TTL
- Third-Party Review Credentials: Usernames for G2, Capterra — provided via your own direct login flows; we never receive or store passwords
Prospect / Non-Customer Data
- Public AI Visibility Audit Tool: You provide a website URL to receive an AI visibility score; we crawl and analyze the site
- Platform Detection API: Our public endpoint accepts arbitrary URLs for platform detection (used internally during onboarding)
Usage Logs
- Action Logs: Rolling record of last 200 service actions (no hard TTL, stored in KV)
What We Do NOT Collect
- No tracking pixels on toutmark.com or customer sites
- No session replay or heatmaps
- No third-party analytics
- No cookies for tracking purposes (see Cookies section below)
2. How We Use Your Information
To Provide Services
- Publish AI citation content updates to your site through your CMS via authorized OAuth, API token, or plugin install (WordPress, Shopify, Webflow, Ghost, Sanity, Contentful — or by Toutmark drafting universally-visible page changes you publish manually)
- Generate LLM-powered content rewrites, brand-aligned copy, and AI citation structures
- Manage review site accounts (G2, Capterra) on your behalf
- Coordinate HARO pitches, press releases, and social media posting
To Support & Improve
- Respond to support requests from [email protected] or [email protected]
- Debug installation or integration failures
- Develop and tune LLM prompts and brand-routing algorithms
For Billing & Compliance
- Process recurring charges via Stripe (monthly auto-renew)
- Enforce service termination on non-payment
- Maintain unsubscribe lists (CAN-SPAM compliance; indefinite retention)
3. Third-Party Data Sharing
We share customer data with the following services to provide our platform:
Content LLM (used for drafting customer-facing content + Toutmark agent reasoning)
- Anthropic (Claude API): Single content-and-reasoning LLM. All paragraph rewrites, Q&A drafts, education pages, HARO pitches, EIN press releases, blog posts, audit reports, schema text, and every Toutmark agent's own work routes through Claude. Prompts and outputs are sent to Anthropic servers. See Anthropic's privacy policy. Toutmark does NOT use OpenAI, Google Gemini, or Perplexity for content drafting — they are measurement targets only (see below).
AI Citation Measurement Targets (used to test whether customer brands surface in third-party AI assistants — core product feature)
- OpenAI (GPT-5-mini and text-embedding-3-small only): Toutmark's Monitor agent queries OpenAI's models with brand-test prompts (e.g., "what's the best [category] for [use case]?") and records whether the customer's brand surfaces in the answer. This is core AI citation measurement — we cannot determine whether ChatGPT cites our customers without querying ChatGPT. We do NOT use OpenAI for any content drafting. The only OpenAI models permitted for measurement use are GPT-5-mini (citation queries) and text-embedding-3-small (fact-verification embeddings). See OpenAI's privacy policy.
- Google Gemini (Gemini Flash): Same role as OpenAI for measurement — Monitor agent queries Gemini with brand-test prompts to score visibility in Google's answer engine. Not used for content. See Google's privacy policy.
- Perplexity: Same role for measurement — citation scoring against Perplexity's answer engine. Not used for content. See Perplexity's privacy policy.
Data Enrichment & Research
- Apollo.io: Email addresses and domain names sent for lead enrichment (returns name, title, company, LinkedIn URL)
- Jina Reader + Firecrawl: URLs sent for content scraping (your own site URLs and prospect audit URLs)
- Tavily + Brave: Search queries for search result analysis and citation tracking
Communications & Email
- Mailrelay: Outbound email campaigns; recipient email, subject line, and HTML body are sent to Mailrelay servers
- NeverBounce: Email-address verification before outreach is sent and on prospect intake. Only the email address itself is shared with NeverBounce; no message content, no other PII.
AI-Text Detection
- Pangram Labs: AI-generated drafts are scored before publishing to make sure they don't read as obviously machine-written. Only the draft text is sent to Pangram; no account or PII data.
Infrastructure, OAuth Brokerage & Hosting
- Cloudflare: Hosting, DNS, email routing, KV (key-value storage), and edge compute. Cloudflare privacy policy.
- Stripe: Billing and payment processing. Stripe privacy policy.
- Composio: OAuth broker that orchestrates scoped actions to Canva, LinkedIn, Reddit, X, Slack, and Google Sheets on your behalf
Complete Subprocessor List: For the authoritative, up-to-date list of all third-party service providers we share data with, see toutmark.com/legal/subprocessors.
Review Sites & Knowledge Bases
- Wikidata: Entity edits via bot password; your brand name, descriptions, aliases, and URLs may be sent
- Google Sheets (via Composio): Directory and prospect data stored in shared sheets
Forms & Intake
- Tally: Intake form submissions routed to our systems
Press & PR
- HARO / Connectively / Cision: Inbound journalist queries sent to [email protected]. When we submit a pitch on your behalf — only after your designated spokesperson approves the specific pitch via dashboard or email reply (or, for the opt-in `full_auto_approve` mode, after our Editor clears it on your pre-authorized expertise areas) — your spokesperson's name, title, bio, contact info, and the approved quote are submitted to the journalist's outlet via Connectively or by direct email.
- EIN Presswire (Enterprise tier only, 1 release per quarter): Press release body, headline, dateline, your boilerplate ("About [Company]"), and your media-contact block are paste-submitted by River (Toutmark's Owner) to EIN Presswire's web dashboard for distribution. Submission is always manual — Toutmark agents never auto-buy packages or auto-submit releases. Releases only enter the submission queue after your designated approver Approves the specific release via dashboard or email reply (or, for the opt-in `full_auto_approve` mode, after our Editor clears the news hook).
- Customer-approval gate (binding): For both HARO pitches and EIN press releases, no content goes out under your name without an explicit customer-approval record (dashboard Approve click, email reply, or pre-authorized `full_auto_approve` opt-in). Regulated customers have no `full_auto_approve` option — every individual pitch and release requires explicit per-item Approve from your designated CCO/compliance contact.
None of these third parties are permitted to use your data for their own marketing or analytics purposes. We provide them only the minimum data required to perform their specific function.
4. Data Retention & Deletion
We follow this retention schedule in our Cloudflare KV storage:
- `enrichment:*` — 30 days (email enrichment from Apollo.io)
- `oauth_state:*` — 10 minutes (single-use OAuth state tokens)
- `rewrite_cache:*` — 30 days (cached content rewrites)
- `cms_install:*` — 180 days (OAuth tokens and API keys)
- `action_log` — rolling last 200 entries, no hard TTL
- `unsubscribed:*` — indefinite (CAN-SPAM compliance)
- `haro:queries:*`, `inbound:emails:*` — 90 days (raw inbound HARO digests + email bodies)
- `customer_approval_queue:*` — purged on customer Approve / Reject / Edit, OR auto-archived to expired branch when deadline passes
- `audit_log:*` (non-regulated customers) — 90 days
- `audit_log:*` (regulated customers — RIA/BD, healthcare, legal, insurance, etc.) — 7 years, longer if applicable regulator requires (SEC Rule 204-2, FINRA, state bar). This longer retention reflects books-and-records obligations the customer's regulator places on outbound advertising and communications. Regulated customers are notified at onboarding that records about their content will be retained on their behalf for this period and may be furnished to their compliance team or regulator on request.
When you cancel service or request deletion, we will purge your customer data within 30 days, except: (a) unsubscribe records (CAN-SPAM), (b) action logs (last 200 entries only; older entries auto-expire), and (c) regulator-mandated audit logs for regulated customers, which we retain for the full applicable retention period (typically 7 years) regardless of cancellation. We will furnish those records to you or your designated compliance representative on written request.
5. Your Privacy Rights
US Residents (CCPA)
If you are a California resident, you have the right to:
- Know: What personal information we collect and how we use it
- Delete: Request deletion of data we have collected (with limited exceptions)
- Opt-Out: Opt out of the "sale" or "sharing" of personal information (we do not sell data; any third-party sharing for business purposes may be considered a "sharing" under CCPA)
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To submit a CCPA request, contact [email protected] with "CCPA Request" in the subject line.
EU / UK Residents (GDPR / UK-GDPR — Future)
Live Phase is US-only. When we expand to EU/UK jurisdictions in our Live Phase, we will process data under GDPR/UK-GDPR legal bases (primarily contract performance and legitimate interest) and provide DPA (Data Processing Agreements) for enterprise customers. Until then, EU/UK residents should not provide personal data.
Canada (PIPEDA — Future)
PIPEDA compliance will be implemented upon expansion to Canadian operations.
Australia (Privacy Act — Future)
Australian Privacy Act compliance will be implemented upon expansion to Australian operations.
6. Cookies & Tracking Technologies
We do not use tracking cookies, analytics cookies, or session-replay pixels on toutmark.com or customer sites. We may use essential cookies (e.g., to maintain your login session) but will not use third-party analytics or tracking tools.
7. Children's Privacy (COPPA)
Toutmark services are not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will promptly delete it. Parents or guardians who believe their child has provided information should contact [email protected].
8. Data Breach Notification
In the event of a confirmed data breach affecting your personal information, we will notify you without unreasonable delay via email to the address on file. Notification will include the nature of the breach, the data affected, steps we are taking to remediate it, and recommended precautions.
9. International Data Transfers
Live Phase operates exclusively in the US. Our infrastructure (Cloudflare) may have global presence, but customer data remains subject to US law and is not transferred outside the US in this phase. Upon expansion to other jurisdictions, we will implement Standard Contractual Clauses or other lawful transfer mechanisms.
10. Contact for Data-Subject Requests
To exercise any privacy rights, request data deletion, or raise a privacy concern:
- Data-Subject Requests: [email protected]
- General Support: [email protected]
Mailing Address:
2712 N Ardmore Avenue
Manhattan Beach, CA 90266
USA
11. Updates to This Policy
We may update this Privacy Policy at any time. The "Last Updated" date at the top of this page will reflect the most recent revision. Continued use of Toutmark services after an update constitutes your acceptance of the new terms.
- v1.0 — April 23, 2026: Initial Policy (Live Phase, US-only)