Privacy Policy

Last updated: April 14, 2025  |  Effective Date: January 1, 2025

Summary: We collect only what's necessary to run AIToolTank.com. We never sell your personal data. We use cookies for analytics and functionality. You can request deletion of your data at any time. Full details below.

1. Who We Are

AIToolTank.com ("we," "our," or "us") operates at https://aitooltank.com. We are a decision engine and comparison platform for AI tools. We are committed to protecting your privacy and handling your personal data responsibly.

Data Controller: AIToolTank.com
Contact Email: privacy@aitooltank.com
Website: https://aitooltank.com

2. Data We Collect

2.1 Information You Provide

  • Contact forms: Name, email address, message content, budget, and problem type when you submit our contact form.
  • Newsletter subscriptions: Email address and name (optional) when you subscribe to our newsletter.
  • AI Tool Reviews: Name, email, and review content when you submit a tool review.

2.2 Automatically Collected Data

  • Log data: IP address (anonymized after 24 hours), browser type, operating system, referring URL, pages visited, and time spent.
  • Cookies: See Section 4 for details.
  • Analytics: Aggregated, anonymized usage data including page views, tool clicks, and search queries.
  • Referral tracking: When you click an affiliate link, we record a hashed (anonymized) version of your IP address, the tool clicked, and the source page. No personally identifiable information is stored.

2.3 Data We Do NOT Collect

  • We do not require account creation or user registration.
  • We do not collect payment information (we are not a payment processor).
  • We do not collect biometric or sensitive personal data.

3. How We Use Your Data

We use the data we collect to:

  • Respond to your inquiries โ€” when you contact us via the contact form or email.
  • Send newsletters โ€” if you subscribed, we send weekly AI tool updates. You can unsubscribe at any time.
  • Improve our platform โ€” anonymized usage data helps us understand what content and tools are most useful.
  • Prevent abuse โ€” rate limiting and security logs help protect the platform from bots and malicious activity.
  • Affiliate revenue tracking โ€” anonymized click tracking helps us understand which tools our affiliate partnerships generate clicks for.
  • Legal compliance โ€” we may use or disclose data when required by law.

Legal basis (GDPR):

  • Consent โ€” for newsletter subscriptions and non-essential cookies.
  • Legitimate interests โ€” for site analytics, security, and affiliate tracking.
  • Contract performance โ€” when responding to inquiries you initiate.
  • Legal obligation โ€” when required by applicable law.

4. Cookies & Tracking

We use the following categories of cookies:

TypePurposeDurationRequired?
EssentialSecurity tokens (CSRF), cookie consent preferenceSession / 1 yearYes
AnalyticsGoogle Analytics 4 โ€” anonymized page view and traffic data2 yearsNo (requires consent)
FunctionalRemembering your tool comparison selections, stack builder data30 daysNo
AffiliateTracking which affiliate tool links you click (anonymized)SessionNo

You can manage cookie preferences via our cookie banner when you first visit. You can also clear cookies in your browser settings at any time. Note that disabling essential cookies may affect site functionality.

We use Google Analytics 4 with IP anonymization enabled. Google's privacy policy is available at https://policies.google.com/privacy.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Service providers: Email service providers (for newsletters), hosting providers, and analytics platforms โ€” all under data processing agreements.
  • Affiliate networks: When you click an affiliate link, the destination website may set their own cookies. We have no control over third-party websites.
  • Legal authorities: When required by law, court order, or to protect against fraud or security threats.
  • Business transfers: If AIToolTank.com is acquired or merged, data may transfer to the new entity under equivalent privacy protections.

6. Data Retention

  • Contact form submissions: Retained for 2 years, then deleted unless ongoing correspondence requires longer retention.
  • Newsletter subscribers: Retained until you unsubscribe. Unsubscribe records kept for legal compliance for 3 years.
  • Analytics data: Aggregated, anonymized data retained for up to 26 months (Google Analytics default). Raw IP addresses anonymized within 24 hours.
  • Security logs: Retained for 90 days.

7. Your Rights (GDPR / CCPA)

Depending on your location, you have the following rights:

GDPR Rights (EU/UK residents)

  • Right to access โ€” Request a copy of your personal data we hold.
  • Right to rectification โ€” Correct inaccurate personal data.
  • Right to erasure ("right to be forgotten") โ€” Request deletion of your data.
  • Right to restriction โ€” Request we limit processing of your data.
  • Right to data portability โ€” Receive your data in a structured, machine-readable format.
  • Right to object โ€” Object to processing based on legitimate interests.
  • Right to withdraw consent โ€” For consent-based processing (e.g., newsletter).

CCPA Rights (California residents)

  • Right to know what personal information is collected and how it's used.
  • Right to delete personal information.
  • Right to opt-out of sale of personal information (we do not sell data).
  • Right to non-discrimination for exercising privacy rights.

To exercise any of these rights, email us at privacy@aitooltank.com. We will respond within 30 days.

8. Children's Privacy

AIToolTank.com is not directed to children under 13 (or 16 in the EU). We do not knowingly collect personal data from children. If you believe we have inadvertently collected a child's data, please contact us immediately at privacy@aitooltank.com and we will delete it promptly.

9. Security

We implement industry-standard security measures including:

  • HTTPS (TLS 1.2+) encryption for all data in transit.
  • CSRF protection on all forms.
  • Input validation and sanitization to prevent SQL injection and XSS attacks.
  • Rate limiting to prevent brute-force and automated attacks.
  • IP anonymization in logs.
  • Bcrypt password hashing (cost factor 12) for admin accounts.
  • Regular security audits.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. We will notify you of material changes by posting a notice on our website and updating the "Last updated" date above. For significant changes affecting your rights, we will also notify newsletter subscribers via email.

11. Contact Us

For any privacy-related questions, requests, or complaints:

If you are in the EU and unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.