Privacy Policy

Effective Date: 4 December 2025
Last Updated: 4 December 2025

Aseon (“we,” “us,” “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, process, store, and share personal data when you use our website or engage our SEO optimization services for AI models and Large Language Models (“LLMs”).

1. Data Controller

The data controller responsible for your personal data is:

Aseon
Dillenburglaan 4
2252 KX Voorschoten
The Netherlands
Email: info@aseon.io

2. Definitions

For the purposes of this Privacy Policy:

  • “Personal Data” means any information relating to an identifiable natural person.
  • “Processing” means any operation performed on personal data, such as collection, storage, analysis, or sharing.
  • “Data Controller” is the entity determining how and why data is processed - Aseon.
  • “Processor” is a third party that processes personal data solely on behalf of the controller.
  • “Services” refers to Aseon’s SEO optimization, AI/LLM visibility analysis, ranking recommendations, and related consulting services.

3. Personal Data We Collect

We collect the following categories of personal data:

A. Data You Provide Directly

  • Company name
  • Business location
  • Website URL
  • Website language
  • Description of your services/products
  • Email address
  • Information shared during communication or onboarding

B. Automatically Collected Data

Collected via cookies and tracking technologies (see section 11):

  • IP address (with or without anonymisation depending on settings)
  • Device and browser information
  • Usage and interaction data
  • Referrer URL
  • Pages visited and session duration

C. AI/LLM Processing Data

When you submit business or website information for optimization, this data may be processed through AI platforms integrated into our systems (see section 7).

4. How We Collect Personal Data

We collect data via:

  1. Website forms or direct communication
  2. Automated tracking on our website
  3. AI/LLM processing tools used to generate insights
  4. Third-party platforms involved in storing, hosting, or analyzing input

5. Legal Bases for Processing

We process your personal data under the following GDPR legal bases:

  • Performance of a contract (Art. 6(1)(b))
    To provide our services, conduct analyses, and communicate with you.
  • Legitimate interests (Art. 6(1)(f))
    To improve our website, enhance our services, ensure security, and prevent misuse.
  • Consent (Art. 6(1)(a))
    For optional cookies such as Google Analytics (see section 11).
  • Legal obligation (Art. 6(1)(c))
    For tax, accounting, or compliance requirements.

We do not use personal data for automated decision-making with legal or similarly significant effects.

6. Purpose of Processing

We process your data to:

  • Deliver AI/LLM SEO optimization and visibility reports
  • Analyze your website’s representation in AI models
  • Communicate with you about your project
  • Improve our services and website functionality
  • Ensure performance, security, and fraud prevention
  • Comply with legal obligations

We do not sell personal data.

7. Use of AI Platforms & Third-Party Tools

To deliver our services, your submitted data may be processed through AI platforms integrated via our technology provider.

Lovable Labs (lovable.dev)

We use Lovable as a platform for:

  • Hosting service-related data
  • Running AI-assisted workflows
  • Managing project information

Lovable acts as our data processor. In some cases, Lovable may transmit your inputs to their AI model providers (such as OpenAI and other leading LLM vendors) strictly for the purpose of generating outputs.

AI Providers

Depending on the service used, your inputs may be processed by:

  • OpenAI
  • Startups and major technology companies providing LLMs
  • OpenRouter

These providers may be located outside the EU/EEA, including the United States. All such transfers are covered under safeguards described in section 10.

8. Data Sharing

We may share your personal data with:

  • Service providers / processors
    (hosting, analytics, AI platforms, email tools)
  • Legal authorities
    Only where required by law.
  • Business partners
    Only when necessary for fulfilling a contract and under appropriate data protection safeguards.

We do not share personal data for advertising purposes and do not sell any data to third parties.

9. Data Retention

We retain personal data only as long as necessary for:

  • Providing our services
  • Maintaining records
  • Compliance with legal obligations
  • Security and fraud prevention

When data is no longer required, we securely delete it.

Note: Some AI/LLM providers may maintain limited logs or telemetry data as per their own retention policies, which we cannot fully control.

10. International Data Transfers

Your data may be transferred or accessed outside the EU/EEA, including the United States, due to our use of cloud infrastructure, analytics tools, and AI providers.

We ensure that all cross-border transfers are protected by one or more of the following safeguards:

  • EU-US Data Privacy Framework (DPF)
  • Standard Contractual Clauses (SCCs)
  • UK International Data Transfer Addendum
  • Swiss Addendum to SCCs
  • Data Processing Agreements with binding GDPR protections

These measures ensure an equivalent level of protection to EU privacy laws.

11. Cookies & Tracking Technologies

Our website may use cookies and similar technologies to enhance functionality and improve performance.

You can manage or withdraw cookie consent at any time through your browser settings or cookie controls presented on our site.

12. Google Analytics 4 (GA4)

(Only active with user consent)

We use Google Analytics 4 (GA4) to analyze website usage and improve our services. GA4 collects data such as:

  • IP address (with IP anonymization enabled where available)
  • Browser type and device characteristics
  • Interaction data, events, and page activity
  • Approximate geographic information

Legal Basis: Consent (Art. 6(1)(a) GDPR)

GA4 is only activated after you provide explicit consent via our cookie banner. You may withdraw consent at any time via cookie settings.

Data Sharing with Google

Google acts as a processor, but may process aggregated or pseudonymized data for service improvement under its terms.

International Transfers

Google may process personal data in the United States. Google participates in the EU-US Data Privacy Framework and also applies Standard Contractual Clauses (SCCs) where required.

For more information, refer to:
Google Privacy Policy: https://policies.google.com/privacy
Google Data Retention: https://policies.google.com/technologies/retention

13. Security Measures

We implement appropriate technical and organizational measures to secure personal data, including:

  • Encryption in transit and at rest
  • Access control and authentication measures
  • Monitoring for suspicious activity
  • Secure hosting environments
  • Data minimization and pseudonymization where applicable

No system is completely immune to security risks; however, we take every reasonable step to protect your information.

14. Your GDPR Rights

You have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your supervisory authority

To exercise any rights, contact us at info@aseon.io.

15. Changes to This Privacy Policy

We may update this policy from time to time. Any updates will be posted with a new “Last Updated” date.

16. Contact

For questions, concerns, or requests regarding this Privacy Policy, contact:

Aseon
Dillenburglaan 4
2252 KX Voorschoten
The Netherlands
Email: info@aseon.io