Pendium

Privacy Policy

Last updated: March 23, 2026

1. Introduction

This Privacy Policy explains how Pendium.ai (’we,’ ’our,’ or ’us’) collects, uses, shares, and protects information in connection with our website, applications, and services (collectively, ’Services’). Our Services include AI visibility monitoring, content optimization, hosted blog publishing, brand analysis, and related features designed to help businesses understand and improve how AI platforms perceive and recommend them. By using our Services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect several types of information from and about users of our Services:

Account Information

When you create an account, we collect your email address and account credentials. When you use our Services, we collect your brand or business information (name, website, description, industry), social media account connections and associated public profile information, and subscription and billing details. We also gather usage analytics and metrics related to your account activity to ensure proper service operation and security.

AI Visibility and Content Data

Our platform's core functionality involves monitoring AI platform perception and generating optimized content. We collect data necessary to operate these services, including AI visibility scan results (how AI platforms like ChatGPT, Claude, and Gemini perceive and recommend your brand), content you create or that our AI tools generate on your behalf (blog posts, social media content, content briefs), brand voice configurations and knowledge base materials you upload, and performance metrics and analytics data. This data is essential for delivering our Services and improving them over time.

Technical Information

We automatically collect technical information necessary for platform operation and security. This includes your IP address and approximate location information, device specifications including type, model, and operating system, browser type and settings, usage patterns and navigation data, and system error logs and performance data. This information helps us maintain service quality and security.

Third-Party Platform Data

When you connect third-party accounts (such as social media platforms, WordPress, or Webflow), we collect publicly available profile information and content necessary to provide our Services. This may include social media post history for brand voice analysis, CMS connection credentials for content publishing, and publicly available information about your brand from AI platforms.

Cookies and Tracking Technologies

We and our third-party partners use cookies, pixel tags, and similar technologies to collect information about your browsing activity and to distinguish you from other users. This helps us provide a better experience and allows us to improve our Services. The types of cookies we use include:

  • Strictly Necessary Cookies: Required for basic site functionality, authentication, and security. These cannot be disabled.
  • Functional Cookies: Used to remember your preferences, settings, and choices to personalize your experience.
  • Analytics Cookies: Help us understand how visitors interact with our Services so we can measure and improve performance. We use services such as PostHog for product analytics.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

3. How We Use Information

Service Operation

We use your information to operate and improve our Services. This includes managing your account, running AI visibility scans, generating and publishing content, processing subscription payments, optimizing platform performance, providing technical support, and communicating important account and service updates. We maintain detailed operational records to ensure service quality and security.

Analysis and Improvement

We analyze user data to enhance and improve our Services. This includes monitoring system performance, implementing security measures, preventing fraud, fixing technical issues, and developing new features. We may aggregate and anonymize data for platform optimization and research purposes.

4. Information Sharing

Third-Party Services

We share certain information with third-party services that are essential to our platform operation. This includes sharing necessary data with AI language model providers (such as OpenAI, Anthropic, and Google) to perform visibility scans and generate content, social media platforms when you connect accounts for publishing, CMS platforms (WordPress, Webflow) when you publish content, analytics providers who help us understand user behavior and improve our Services, authentication providers for account security, and payment processors for subscription billing. These third parties are required to handle your information in accordance with applicable privacy laws and security standards.

AI Data Processing

When you use our AI-powered features (visibility scans, content generation, content briefs), your brand information and related data may be sent to third-party AI language model providers for processing. We do not use your data to train AI models. The data shared with AI providers is limited to what is necessary to perform the requested operation. Each AI provider processes data according to their own privacy policies and data handling practices.

Legal Requirements

We may share your information when required by law or to protect our rights and the security of our platform. This includes responding to valid court orders or legal processes, complying with regulatory obligations, responding to legitimate government requests, protecting our rights and property, and enforcing our Terms of Service. We evaluate each request carefully and only disclose information necessary to meet legal requirements.

5. Data Security

We implement comprehensive security measures to protect your information, including:

  • Industry-standard encryption for sensitive data transmission and storage
  • Secure server infrastructure with regular security updates
  • Periodic security audits and vulnerability assessments
  • Strict access controls and authentication requirements
  • Regular security training for our personnel

Despite these measures, no method of electronic storage or transmission is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security. You acknowledge that you provide information at your own risk and understand that:

  • Security breaches could occur despite our precautions
  • Third-party services may have different security standards
  • Network and system vulnerabilities are an inherent risk
  • Unauthorized access attempts may occur
  • Data shared with third-party AI providers is subject to their respective privacy policies

We will notify you of any security breach affecting your personal information in accordance with applicable laws and regulations.

6. User Rights

Access and Control

You maintain significant control over your personal information through our platform. Through your account settings, you can:

  • View and update your personal information at any time. This includes your profile details, connected accounts, and brand configurations.
  • Request corrections to any inaccurate or incomplete data we hold about you. We will process these requests within a reasonable timeframe, typically 30 days.
  • Download a comprehensive copy of your data, including your account information, visibility scan results, and generated content.
  • Delete your account and associated data, subject to our data retention requirements and backup procedures.
  • Opt out of certain non-essential data collection and processing while maintaining core service functionality.

California Privacy Rights

For California residents, we provide additional rights under the California Consumer Privacy Act (CCPA). These rights include:

  • The right to know what personal information we collect, use, share, and sell. We provide this information in this Privacy Policy and upon verified request.
  • The right to request deletion of your personal information, subject to certain exceptions provided by law.
  • The right to opt-out of the sale of your personal information. Currently, we do not sell personal information as defined by the CCPA.
  • Protection against discrimination for exercising your privacy rights. We will not deny services, charge different prices, or provide a different quality of service based on your privacy choices.
  • The right to request detailed disclosures about personal information collected, shared, or sold in the past 12 months.

7. Data Retention

Data Retention Periods

We retain your information for the duration necessary to fulfill the purposes outlined in this Privacy Policy and as required by law. Specifically:

  • Account information is maintained for the duration of your active account, plus any additional period required by law or necessary for legal defense. This includes basic profile information, account settings, and authentication data.
  • Billing and subscription records are retained to comply with financial regulations, tax requirements, and audit needs.
  • Technical logs and system data are retained for security and debugging purposes, typically for a period of 90-180 days, unless a longer retention period is necessary for security, fraud prevention, or legal compliance.
  • Content and visibility data, including scan results, generated content, brand voice configurations, and knowledge base materials, is retained while your account is active and for a reasonable backup period afterward to enable service restoration and problem resolution.

Extended Retention

We may retain certain information even after account deletion in the following circumstances:

  • Legal Requirements: When we are required to maintain records by applicable laws, regulations, or legal obligations.
  • Business Operations: When retention is necessary for legitimate business purposes, such as fraud prevention, security enhancement, or dispute resolution.
  • Technical Constraints: Information may persist in our backup systems for a limited time after deletion from active systems.
  • Published Content: Content published to external platforms (blogs, social media, CMS) may persist on those platforms independent of our retention policies.

8. Children's Privacy

Age Restrictions

Our Services are strictly intended for users who are 18 years of age or older. We do not knowingly collect or maintain personal information from individuals under 18 years of age. If you are under 18, you are prohibited from using our Services or providing any personal information to us.

Discovery and Response

If we discover that we have inadvertently collected information from a person under 18, we will take immediate action:

  • We will promptly delete all personal information associated with the underage user from our active systems.
  • Any associated accounts will be terminated immediately.
  • We will notify relevant parties as required by applicable laws and regulations.
  • We will review and adjust our age verification processes to prevent future collection of underage user data.

9. International Users

Cross-Border Data Processing

Our Services operate primarily from the United States but serve users globally. By using our Services, you acknowledge and consent to the transfer and processing of your information across international borders. Specifically:

  • Your information will be transferred to and processed in the United States, where our primary servers are located.
  • Your information may be processed by staff and service providers operating in other countries where our partners and service providers are located.
  • AI visibility scans may involve queries to AI platforms operated in various countries.

International Data Protection

Different countries may have different data protection standards. While we strive to protect your information consistently across all jurisdictions:

  • We comply with applicable data protection laws in the jurisdictions where we operate.
  • We implement appropriate safeguards when transferring data internationally.
  • We cannot guarantee that other countries will provide the same level of data protection as your home country.
  • Users from certain jurisdictions may have additional rights and protections under local law.

10. Changes to Policy

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, and other factors. When we make changes, we will:

  • Post the updated Privacy Policy on our website and within our applications, indicating the ’Last Updated’ date at the top.
  • Send notifications of material changes directly to the email address associated with your account.
  • Display prominent notices within our applications and website before significant changes take effect.

For substantial changes to how we collect, use, or share personal information, we will seek to provide advance notice when practical.

Acceptance of Changes

Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated terms. If you disagree with any changes, you must discontinue using our Services. We encourage you to review the Privacy Policy regularly to stay informed about our privacy practices.

11. Contact Information

General Inquiries

For questions about this Privacy Policy or our privacy practices, please contact us at:

Pendium.ai
9450 SW Gemini Dr
Beaverton, OR 97008
Email: legal@pendium.ai
Phone: (503) 336-9947

California Privacy Rights

California residents exercising their privacy rights under the CCPA can reach our dedicated privacy team at:

Email: legal@pendium.ai
Phone: (503) 336-9947

Data Protection Inquiries

For specific concerns about data protection, security, or to exercise your data rights:

Email: legal@pendium.ai
Response Time: We aim to respond to all privacy-related inquiries within 30 days.

Security Issues

To report security vulnerabilities or data breaches:

Email: legal@pendium.ai
Phone: (503) 336-9947

We take all privacy inquiries seriously and will respond to your request as quickly as possible, in accordance with applicable laws and regulations.

Last modified: March 23, 2026