Privacy Policy

1. Introduction

USAEV.Press, Inc. ("USAEV.Press," "we," "us," or "our") operates the website usaev.press and provides press release distribution, journalist outreach, media monitoring, and related services (collectively, the "Services").

This Privacy Policy explains how we collect, use, share, store, and protect your personal information in compliance with applicable privacy laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), and other U.S. state privacy laws.

By using our Services, you consent to the data practices described in this Policy. If you do not agree, please discontinue use immediately.

2. Information We Collect

2.1 Information You Provide Directly

• Account Registration: Name, email address, password, company name, job title, phone number, and professional profile details.
• Payment Information: Billing address, payment method details (credit card, ACH), and transaction history. Payment processing is handled by Stripe, Inc. (PCI-DSS Level 1 certified). We do not store full credit card numbers.
• Content You Create: Press releases, media files (images, videos, audio), journalist contact lists, pitch email templates, crisis response documents, and any other content uploaded or generated through the Services.
• Communications: Customer support inquiries, survey responses, feedback submissions, and any correspondence with our team.
• OAuth Data: When authenticating via third-party providers (Google, GitHub, LinkedIn, Twitter, Facebook), we receive your name, email, profile photo, and account identifiers as permitted by the provider.
• Company Information: Business details, press contact information, brand voice samples, newsroom settings, and white-label customization preferences.

2.2 Information Collected Automatically

• Usage Data: Pages viewed, features accessed, button clicks, time spent on platform, release creation patterns, and campaign performance metrics.
• Device Information: IP address, browser type and version, operating system, device identifiers (IDFA, advertising ID), screen resolution, and referring URLs.
• Cookies and Tracking: Session cookies, authentication tokens, analytics cookies, and tracking pixels. See Section 6 for detailed cookie information.
• Log Files: Server logs, error reports, API requests, database queries (anonymized), and system performance data.
• Geolocation Data: Approximate location based on IP address (city/region level, not precise GPS).
• Analytics Data: Aggregated metrics on platform usage, feature adoption rates, and user behavior patterns (anonymized for internal analysis).

2.3 Information from Third Parties

• Wire Distribution Partners: Delivery confirmations, outlet pickup data, and syndication metrics from Newswire, IssueWire, EIN Presswire, AccessNewswire, and other distribution partners.
• Social Media Platforms: Engagement data (likes, shares, comments, impressions) from Twitter/X, LinkedIn, Facebook, Instagram when you distribute content via our platform.
• AI Chatbot Citation Data: Citation tracking data from ChatGPT (OpenAI), Gemini (Google), Perplexity, Claude (Anthropic), Copilot (Microsoft), Grok (xAI), MetaAI, and Llama when monitoring press release mentions.
• Media Monitoring Services: News mentions and competitor intelligence from NewsAPI, Google News, and other monitoring sources.
• Journalist Databases: Professional contact information from publicly available sources, press directories, and third-party data providers (used solely for our 900K journalist CRM).
• Payment Processors: Transaction status, fraud detection signals, and billing information from Stripe and other payment providers.

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Delivery

• Process and distribute press releases to wire services, journalists, and media outlets
• Generate AI-powered content (press release drafting, social media posts, video scripts, translations)
• Track distribution performance, media pickups, and citation mentions
• Provide journalist CRM functionality with email open/click/reply tracking
• Enable crisis PR features (holding statements, dark site deployment, priority routing)
• Host owned newsrooms with permanent indexing and SEO optimization
• Calculate ROI reports with Earned Media Value (EMV) metrics

3.2 Platform Operations

• Authenticate users and maintain account security
• Process payments and manage subscriptions
• Provide customer support and respond to inquiries
• Send transactional emails (receipts, confirmations, alerts)
• Detect and prevent fraud, abuse, and security incidents
• Monitor system performance and diagnose technical issues

3.3 Product Improvement

• Analyze usage patterns to improve features and user experience
• Train AI models (press release grading, content generation) using anonymized data
• Conduct A/B testing for new features
• Develop predictive models for distribution performance

3.4 Marketing Communications (Opt-In Only)

• Send product updates, feature announcements, and educational content
• Deliver promotional offers and discounts (you may opt out anytime)
• Share industry insights, best practices, and case studies

3.5 Legal Compliance

• Comply with legal obligations, court orders, and regulatory requirements
• Enforce our Terms of Service and protect our rights
• Respond to lawful requests from government authorities

4. Data Sharing and Disclosure

We do not sell your personal information to third parties. We share data only in the following circumstances:

4.1 Service Providers

• Cloud Infrastructure: Vercel (hosting), Cloudflare (CDN, DDoS protection), AWS S3 (media storage)
• Database: Supabase (PostgreSQL database, authentication, real-time subscriptions)
• Payment Processing: Stripe (payments, billing, subscriptions)
• AI Services: Anthropic (Claude API for content generation, grading), OpenAI (ChatGPT for citation tracking), ElevenLabs (text-to-speech for video releases)
• Email Delivery: SendGrid (transactional emails, pitch campaigns)
• Analytics: Plausible Analytics (privacy-focused, no cookies), PostHog (product analytics)
• Wire Distribution: Newswire, IssueWire, EIN Presswire, AccessNewswire (press release syndication)
• Social Media: Twitter, LinkedIn, Facebook, Instagram (OAuth authentication, content posting)

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website before your data is transferred and becomes subject to a different Privacy Policy.

4.3 Legal Requirements

We may disclose your information if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud, abuse, or security threats
• Investigate violations of our Terms of Service

4.4 Public Distribution (By Design)

When you publish a press release through our Services, you explicitly authorize us to distribute it publicly to:

• 6,000+ media outlets, wire services, and news aggregators
• Journalists in our 900K database (for pitch campaigns you initiate)
• Social media platforms (Twitter, LinkedIn, Facebook) when you enable auto-posting
• Search engines (Google, Bing) and AI chatbots (ChatGPT, Gemini, Perplexity, Claude) for indexing and citation
• Your branded newsroom (if owned newsroom hosting is enabled)

⚠ Important: Press releases are public by nature. Do not include confidential, proprietary, or sensitive information you do not wish to be publicly accessible.

5. Data Retention

We retain your information for as long as necessary to provide the Services and fulfill the purposes outlined in this Policy:

• Account Data: Retained while your account is active. After account deletion, we retain minimal data (email, transaction history) for 7 years to comply with tax and financial regulations.
• Press Releases: Retained permanently by default (for owned newsroom SEO value and AI citation tracking). You may request deletion via support@usaev.press.
• Analytics Data: Aggregated and anonymized data retained indefinitely for product improvement. Individual usage data deleted after 2 years.
• Support Communications: Retained for 3 years for quality assurance and training purposes.
• Payment Records: Retained for 7 years to comply with IRS and financial regulations.
• Backup Data: Automated backups retained for 90 days, then permanently deleted.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. See our Cookie Policy for detailed information.

Cookie Types

• Essential Cookies: Required for authentication, security, and core functionality. Cannot be disabled.
• Analytics Cookies: Track usage patterns and performance metrics (Plausible, PostHog). You may opt out in settings.
• Functional Cookies: Remember your preferences (theme, language, dashboard layout).
• Marketing Cookies: Used for retargeting and attribution (Google Ads, LinkedIn Ads). You may opt out via cookie banner.

Email Tracking: When you send pitch emails to journalists via our CRM, we embed tracking pixels to detect opens and clicks. This is essential functionality that cannot be disabled (journalists are not notified of tracking).

7. Your Privacy Rights

7.1 GDPR Rights (EU/UK/EEA Residents)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to Be Forgotten"): Request deletion of your data (subject to legal retention requirements)
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent for data processing at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 CCPA/CPRA Rights (California Residents)

• Right to Know: Request disclosure of personal information collected, used, shared, or sold
• Right to Delete: Request deletion of personal information (subject to exceptions)
• Right to Opt-Out: Opt out of sale/sharing of personal information (Note: We do not sell your data)
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use of Sensitive Personal Information: Limit use of sensitive data
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

7.3 Other U.S. State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with comprehensive privacy laws have similar rights. Contact us to exercise your rights.

7.4 How to Exercise Your Rights

To exercise any of these rights, email us at: support@usaev.press

We will respond within 30 days (GDPR) or 45 days (CCPA). We may request verification of your identity before processing requests.

8. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that a child under 18 has provided us with personal information, we will delete it immediately. If you believe a child has provided us with personal information, contact us at support@usaev.press.

9. International Data Transfers

USAEV.Press is based in the United States. If you access our Services from outside the U.S., your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate.

For EU/UK/EEA residents: We use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection of your data when transferred outside the EEA.

10. Security Measures

We implement industry-standard security measures to protect your information:

• Encryption: Data in transit protected via TLS 1.3. Data at rest encrypted using AES-256.
• Authentication: Multi-factor authentication (MFA) available. OAuth 2.0 for third-party integrations.
• Access Controls: Role-based access control (RBAC). Least privilege principle enforced.
• Infrastructure: SOC 2 Type II certified hosting (Vercel, Supabase). Regular security audits and penetration testing.
• Monitoring: 24/7 intrusion detection and automated threat response.
• Incident Response: Documented data breach notification procedures (72-hour GDPR notification, as required).

No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Third-Party Websites and Services

Our Services may contain links to third-party websites (media outlets, social platforms, wire services). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated via:

• Email notification to your registered email address
• Prominent notice on our website
• In-app notification upon login

Continued use of the Services after changes become effective constitutes acceptance of the updated Policy.

13. Contact Us

For privacy-related questions, data subject requests, or concerns, contact us: