privacy policy
voiddo (stylized as vøiddo) — an independent product studio operating remote, owner and operator of the site geo.voiddo.com, contactable at support@voiddo.com. throughout this document “voiddo”, “we”, “us”, and “the studio” all refer to the same entity. this policy describes what we collect when you use geo.voiddo.com, why we collect it, and what we do not do with it. plain prose, no dark patterns, no hidden second-purpose use.
what we collect
when you run a free audit, we record: the domain you submitted, the timestamp, your IP address (for daily quota enforcement only), and the audit results we generated. we do not require an account, do not set tracking cookies, and do not run third-party analytics on this site — there is no Google Analytics, no Meta Pixel, no Mixpanel, no Segment, no PostHog, no Hotjar, nothing of that family running on geo.voiddo.com. the absence is deliberate.
when you opt in to receive your audit report by email, we store the email address you provided, the audit it relates to, the source of the opt-in (which page on this site), the timestamp, and an explicit consent flag. we send you the report and — if you stay subscribed — weekly delta emails when your scores change. unsubscribe is one click in every email.
when you buy a paid subscription, Paddle.com Market Limited collects the information needed to process payment (card details, billing address, tax-relevant fields). we do not see your card number. Paddle returns a customer ID, subscription status, and the billing email to us; we store that to know which subscription is yours and to provision the service. Paddle's own privacy policy lives at paddle.com/legal/privacy.
why we collect each thing
the IP address is used to enforce the free-tier quota of three audits per twenty-four hours per IP. we don't sell it. we don't enrich it. we don't ship it to a third-party fraud-prevention service. it lives in our database alongside the audit record. we delete IPs from audit rows older than ninety days unless we are required to keep them for tax or legal reasons.
email addresses you opt in with are used to send you reports and product updates. that's the entire scope. we don't add you to any list you didn't ask to be on. we don't share your address with affiliates because we have no affiliates. we don't sell mailing lists; we don't run them.
subscription data from Paddle is used to know whether to run your scheduled audits and what plan limits to apply. nothing else.
what we don't do
we don't cold-email. ever. if you receive an email from vøiddo that you didn't ask for, that's a mistake on our side — reply “take me off” and we'll find the bug. there is no marketing automation pipeline trying to convert you. there is no SDR. the studio is small enough that this is enforceable as a single rule, and we enforce it.
we don't share your data with advertisers. we don't run ads, and we don't sell signal to companies who do. the business model here is subscription — we have no second revenue stream that would require monetizing your data.
we don't store the AI answers we get for one customer's audit to retrain or fine-tune anything that would benefit another customer's audit. each audit is its own job. results are stored so you can read them later.
third-party processors
the following vendors process data on our behalf: Paddle.com Market Limited for payments (UK, GDPR-compliant); OpenAI, L.L.C. for the ChatGPT API with web search that powers part of the audit (USA, standard contractual clauses apply where required); Perplexity AI, Inc. for the Perplexity API with grounded citations (USA, SCCs where required); Google LLC for the Gemini API with Google Search grounding (USA, SCCs where required); and Hetzner Online GmbH for server hosting (Germany, GDPR-native). we do not use any vendor for analytics, advertising, or behavioral profiling.
when the audit engine sends a buyer query to any of the three AI APIs, the prompt contains your brand name, the inferred competitor names, and the inferred buyer query — no customer-identifying information beyond what you submitted publicly to us. the answers come back; we store them alongside your audit. each provider's API terms govern how they retain or use the prompts; the current position of all three vendors is that paid API traffic is not used to train new models.
cookies
this site sets one cookie: an HTTP-only secure session cookie for paid customers who are logged into their subscription management area. we don't set marketing or analytics cookies. you can block this cookie in your browser; the public site (free audit, all programmatic pages, all legal pages) will continue to work normally without it.
your rights
under GDPR, UK GDPR, and similar regimes, you have the right to: see what we have on you (we'll send you the rows from our database within thirty days), correct anything wrong, delete your data, restrict how we use it, port it to another service in a machine-readable format, and object to processing where the legal basis is legitimate interest. exercise any of these by emailing support@voiddo.com. there's no special form. we'll act on it within thirty days.
if you're in the UK and you believe we've mishandled your data, you can complain to the Information Commissioner's Office at ico.org.uk. EU residents can complain to their local supervisory authority.
retention
audit records and the IPs attached to them are kept for ninety days, then the IP is nulled and the rest is anonymized. lead/email records are kept while you're subscribed plus thirty days. paid subscription records are kept for seven years for tax compliance after termination.
changes
changes to this policy are announced at the top of this page. material changes (new data collected, new third party, new purpose) are also emailed to subscribers at least fourteen days before they take effect.
contact
data-protection questions, requests, complaints, or compliments to support@voiddo.com.
— vøiddo studio