Privacy Policy
Last updated: April 2026
1. Introduction
MirrorAI ("we", "us", "our"), operated by Yaron Levy, Israel, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our AI Reputation Intelligence service at mirroraiscore.com (the "Service").
This policy is designed to comply with the General Data Protection Regulation (GDPR) and applicable Israeli privacy laws.
2. Data We Collect
When you use MirrorAI, we may collect the following personal data:
Information you provide directly:
- Full name - the name or business name you want scanned
- Email address - to deliver your report and communicate with you
- Phone number (optional) - if provided for follow-up communication
- Role / Profession - to provide context for the AI scan
Information collected automatically:
- IP address (for rate limiting and security)
- Browser type and device information
- Pages visited and interaction timestamps
Information we generate:
- AI scan results - what AI tools say about the queried name
- Reputation scores and analysis
- Generated PDF reports
3. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Generating your AI reputation report | Performance of contract |
| Sending your report via email | Performance of contract |
| Processing payments | Performance of contract |
| Improving the Service | Legitimate interest |
| Preventing abuse and rate limiting | Legitimate interest |
| Responding to support requests | Legitimate interest |
4. Third-Party Services
We use the following third-party services to operate MirrorAI. Each has its own privacy policy:
Payment Processing
- PayPal - processes payments securely. We do not store your payment card details. PayPal Privacy Policy
- Lemon Squeezy - handles checkout and payment processing. Lemon Squeezy Privacy Policy
AI Scanning Providers
- OpenAI (ChatGPT) - used to scan AI reputation data
- Google (Gemini) - used to scan AI reputation data
- Anthropic (Claude) - used to scan AI reputation data
- Perplexity - used to scan AI reputation data
We send the name and context you provide to these AI APIs to retrieve their responses. These providers process the data according to their respective API terms and privacy policies.
Data Logging and Infrastructure
- Google Sheets - used for internal order and scan logging
- Netlify - hosts our landing page
- Render - hosts our backend API
5. Data Retention
- Scan data and reports are retained for up to 12 months to allow you to re-access them and for us to improve the Service
- Payment records are retained as required by applicable tax and financial regulations
- Email addresses are retained until you request deletion
- You may request deletion of your data at any time by contacting us
6. Cookies
MirrorAI uses minimal cookies:
- Essential cookies - required for the Service to function (e.g., session management)
- Analytics cookies - we may use basic analytics to understand site usage and improve the Service
We do not use advertising or tracking cookies. You can control cookies through your browser settings.
7. Data Security
We take appropriate technical and organizational measures to protect your personal data, including:
- HTTPS encryption for all data in transit
- Secure third-party payment processing (we never store card details)
- Access controls limiting who can view personal data
- Regular review of security practices
8. Your Rights
Under the GDPR and applicable privacy laws, you have the following rights:
- Right of access - request a copy of the personal data we hold about you
- Right to rectification - request correction of inaccurate data
- Right to erasure - request deletion of your personal data
- Right to restriction - request that we limit how we use your data
- Right to data portability - receive your data in a machine-readable format
- Right to object - object to processing based on legitimate interest
To exercise any of these rights, contact us at info@mirroraiscore.com. We will respond within 30 days.
9. International Data Transfers
Your data may be processed by third-party services located outside your country of residence, including in the United States. We ensure appropriate safeguards are in place for any international transfers, in accordance with GDPR requirements.
10. Children's Privacy
MirrorAI is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. We encourage you to review this policy periodically.
12. Contact
For privacy-related questions, data requests, or concerns:
- Email: info@mirroraiscore.com
- Website: mirroraiscore.com
- Data Controller: Yaron Levy, Israel
See also: Terms of Service