Privacy Policy

Last updated: 18 March 2026

Rebloomr ("we", "us", or "our") is operated as a sole trader based in Japan. This Privacy Policy explains what personal data we collect when you use Rebloomr at rebloomr.com, how we use it, and your rights regarding that data.

Rebloomr is a content operations platform. Its features include: a Social Studio for turning blog articles into social media posts and images; a GEO Article Writer for AI-assisted long-form article generation; a Content Gap Analysis tool for identifying competitive content opportunities; and an AI Visibility Tracker for monitoring how brands are cited by AI search engines.

1. What data we collect

• Account data: Your email address and a securely hashed password, collected when you create an account.
• Blog content: URLs and article text from your connected blog, retrieved by crawling your blog or CMS. This content is used to generate social posts, identify internal linking opportunities, and perform content gap analysis.
• Generated content: Images, captions, carousels, and long-form article drafts we create for you, stored so you can access them later.
• Target prompts: Search queries you enter in the GEO Article Writer and AI Visibility Tracker, used to generate articles and track AI search visibility.
• Competitor and brand data: Domain names and brand names you enter in the Content Gap Analysis and AI Visibility Tracker features, used to retrieve competitive search data and AI citation results.
• AI Visibility run history: Historical records of AI search visibility checks, including the prompts submitted, the AI search engine responses, and which brands were cited. Retained until you delete them or close your account.
• Usage data: Basic counts of actions taken (e.g. images generated, articles written) used to enforce plan limits.
• Preferences: Settings you configure within the app, such as brand colours, company description, blog base URL, and brand kit.

2. How we use your data

• To provide and operate the Rebloomr service and all its features.
• To generate social content, long-form articles, hero images, and content gap reports using third-party AI services (see Section 4).
• To retrieve live search ranking data and AI search citation results on your behalf using third-party search APIs (see Section 4).
• To send transactional emails (e.g. account confirmation, password reset) via our authentication provider.
• To enforce usage limits and process payments.

We do not sell your data. We do not use your content to train AI models.

3. Legal basis for processing (GDPR)

If you are located in the European Economic Area, we process your data on the following bases:

• Contract: Processing necessary to provide the service you have signed up for.
• Legitimate interests: Preventing fraud and ensuring service security.

4. Third-party services and sub-processors

We use the following third-party services to deliver the product. Where your content or inputs are sent to these services, their privacy policies govern how they handle that data.

• Supabase (supabase.com) — database, authentication, and file storage. Data is stored in the EU (AWS eu-west-1) by default. See Supabase's Privacy Policy.
• Google (Gemini API) — AI image generation (Social Studio) and AI search visibility queries (AI Visibility Tracker). Your article content and prompts may be sent to Google's API. See Google's Privacy Policy.
• OpenAI — AI text generation across multiple features, including the GEO Article Writer, Content Gap Analysis, and Social Studio. Your content and prompts may be sent to OpenAI's API. See OpenAI's Privacy Policy.
• Anthropic (Claude) — AI text generation and web-search citation verification used in the GEO Article Writer and AI Visibility Tracker. Your content and prompts may be sent to Anthropic's API. Citation verification may cause the service to make outbound requests to third-party URLs on your behalf; no personal data is transmitted to those third-party sites in this process. See Anthropic's Privacy Policy.
• SerpAPI (serpapi.com) — live search engine results retrieval, used by the Content Gap Analysis and AI Visibility Tracker features. Search queries derived from keywords, competitor domains, and prompts you provide are sent to SerpAPI. See SerpAPI's Privacy Policy.
• Perplexity AI — AI search visibility queries used by the AI Visibility Tracker. Prompts you submit are sent to Perplexity's API. See Perplexity's Privacy Policy.
• Brevo (brevo.com) — transactional email delivery, used to send account-related and service notifications. Your email address is transmitted to Brevo for this purpose. See Brevo's Privacy Policy.
• Stripe — payment processing for paid subscriptions. We do not store your payment card details. See Stripe's Privacy Policy.
• Render (render.com) — cloud hosting provider.

5. Data retention

We retain your data for as long as your account is active. Specific data types:

• Generated articles and drafts: Retained until you delete them or close your account.
• AI Visibility run history: Retained until you delete individual runs or close your account.
• Content gap analyses: Retained until you delete them or close your account.
• Account and billing data: Retained for up to 7 years after account closure where required for tax or legal compliance.

If you delete your account, we will delete your personal data within 30 days, except where retention is legally required.

6. Your rights

You have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data (you can update your email in Account Settings).
• Delete your account and associated data.
• Export your data in a portable format.
• Object to processing in certain circumstances.

To exercise any of these rights, email us at privacy@rebloomr.com. We will respond within 30 days.

7. Cookies

We use a single session cookie to keep you logged in. We do not use advertising or tracking cookies.

8. Security

Passwords are never stored in plain text — they are handled entirely by Supabase Auth. All data is transmitted over HTTPS. We apply reasonable technical measures to protect your data, though no system is completely secure.

9. Changes to this policy

If we make material changes to this policy — including adding new sub-processors or describing new data processing activities — we will update the "Last updated" date above. For significant changes, we will endeavour to notify active users by email. Continued use of the service after changes constitutes acceptance of the revised policy.

10. Contact

For any privacy-related questions or requests, please contact us at privacy@rebloomr.com.