Privacy policy
We collect only the data required to deliver AI-powered review intelligence, protect it with Supabase RLS + service role patterns, and never sell or rent your information.
Introduction
Brand Wisdom Solutions ("we," "our," or "us") operates MapLift (accessible at www.maplift.app). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. We are committed to protecting your privacy and ensuring transparency about our data practices.
Information We Collect
Personal Information
- Email address (for account creation and communication)
- Name (optional, for personalization)
- Business information (business name, address, phone number)
- Google Maps business URL (for analysis and optimization)
Business Data
- Google Maps business profiles and listings
- Review data and ratings (publicly available information)
- Competitor information (publicly available data)
- Generated review templates and analysis results
Usage Data
- Log data (IP address, browser type, pages visited)
- Analytics data (session duration, features used)
- Performance data (load times, errors encountered)
How We Use Your Information
We use the collected information to:
- Provide and maintain our service
- Analyze your Google Maps presence and generate insights
- Create customized review templates using AI
- Track competitor performance and provide comparative analysis
- Send service-related emails and notifications
- Improve our service and develop new features
- Detect and prevent fraud or abuse
- Comply with legal obligations
Third-Party Services
We use the following third-party services to operate MapLift:
Supabase
Database and authentication services for secure data storage.
Apify
Data collection service for publicly available Google Maps information.
OpenRouter
AI services for generating review templates and business insights.
PhonePe
Secure payment processing for subscription management.
Upstash
Caching services for improved application performance.
Vercel
Web hosting platform for our application.
Data Security
We implement appropriate technical and organizational security measures to protect your data, including:
- Encryption of data in transit using HTTPS/TLS
- Encryption of sensitive data at rest in Supabase
- Row-level security (RLS) policies in our database
- Regular security audits and updates
- Access controls and authentication requirements
- Automatic sanitization of logs to prevent data leaks
- Service role separation for system operations
Your Rights Under GDPR
If you are a resident of the European Economic Area (EEA), you have the following rights:
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Request limited processing of your data
- Portability: Receive your data in a machine-readable format
- Objection: Object to certain processing activities
- Withdrawal: Withdraw consent at any time
To exercise these rights, contact us at info@maplift.app
California Privacy Rights (CCPA)
If you are a California resident, you have the following rights:
- Right to know what personal information we collect, use, and share
- Right to delete your personal information
- Right to opt-out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
To exercise these rights, contact us at info@maplift.app
Data Retention
We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Specifically:
- Account data: Retained while your account is active
- Business analysis data: Retained for 2 years after last activity
- Generated templates: Retained for 1 year after generation
- AI response cache: Retained for 48 hours for performance
- Log data: Retained for 90 days
- Deleted account data: Removed within 30 days of deletion request
Children's Privacy
MapLift is intended for business use and not for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at info@maplift.app.
International Data Transfers
Your information may be transferred to and processed in countries other than your own, including the United States (Supabase, Vercel) and other jurisdictions where our service providers operate. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email or through the service at least 30 days before the changes take effect.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
MapLift - Brand Wisdom Solutions
Email: info@maplift.app
Support: support@maplift.app
Privacy: privacy@maplift.app
Billing: billing@maplift.app
Legal Basis for Processing (GDPR)
We process your personal data under the following legal bases:
- Contract: Processing necessary to perform our services under our Terms of Service
- Consent: Where you have given explicit consent for specific processing activities
- Legitimate Interests: For business operations, service improvement, and fraud prevention
- Legal Obligation: To comply with applicable laws and regulations