Imprint, privacy & terms.
Last updated: 21 May 2026 . Version 1.0
Contents
01 . Imprint & operator
Citetome is a trade name operated by Yossra Benzad, an independent service provider based in Denmark. This site does not represent a registered limited company. A Danish ApS (Citetome ApS) is in formation; this notice will be updated with the company registration number (CVR) once incorporation completes.
| Operator | Yossra Benzad (sole trader), trading as Citetome |
|---|---|
| Registered for | Information society services, software-as-a-service |
| Place of business | Copenhagen, Denmark |
| Contact email | hello@citetome.com |
| VAT | Below DKK 50,000 threshold; VAT exemption under Danish momsloven § 48 applies until registration becomes mandatory. |
| Hosting | Marketing site: GitHub Pages (San Francisco, US, served via global CDN). API service: Fly.io (London region, lhr), with EU data residency for all customer-identifiable records. |
| Status | Live in production at api.citetome.com |
02 . Privacy policy
Citetome processes personal data only to the extent necessary to deliver the service. We operate under the EU General Data Protection Regulation (Regulation 2016/679, "GDPR") and the Danish Act on Data Protection (Databeskyttelsesloven, 2018).
2.1 What we collect
- Contact form / email: name, email address, message content. Lawful basis: GDPR Art. 6(1)(b), pre-contractual measures at your request.
- Audit requests: domain name, contact email, optional company name. Lawful basis: GDPR Art. 6(1)(b).
- Dashboard authentication: API key (stored in browser session memory only, never transmitted to third parties).
- Server logs: IP address, user-agent, timestamps, URL paths. Retained 30 days for security and abuse prevention. Lawful basis: GDPR Art. 6(1)(f), legitimate interest.
2.2 What we do not collect
- No advertising cookies, no analytics cookies, no third-party trackers.
- No fingerprinting, no session replay, no behavioural profiling.
- No data is sold or shared with marketing partners.
2.3 Retention
Contact emails: retained for the duration of the working relationship plus the statutory accounting period (5 years under Danish Bogføringsloven). Server logs: 30 days. Audit outputs and append-only audit-log entries are retained for the duration of the customer contract and 12 months thereafter, then anonymised. Article 17 erasure requests are honoured within 30 days unless overridden by a legal obligation.
2.4 Your rights (GDPR Art. 15-22)
You have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. To exercise these rights, email hello@citetome.com. We respond within 30 days as required by Art. 12(3).
2.5 International transfers
Customer-facing data is held within the EU/EEA (Fly.io London region; data residency confirmed by provider). The marketing site is delivered via GitHub Pages, which may route traffic through US edge nodes; only publicly accessible HTML is served from these nodes, no personal data is processed there. Where any onward transfer to a non-EEA country occurs, it is covered by the European Commission's Standard Contractual Clauses (2021/914).
03 . Cookies & tracking
This site uses no analytics, no advertising, and no third-party tracking cookies. The only client-side storage we use is:
sessionStoragefor the dashboard authentication key (your API key), cleared automatically when you close the tab.localStoragefor remembering whether you have dismissed the cookie notice (strictly necessary under the ePrivacy Directive, no consent required).
No consent banner is required for strictly necessary storage. If we add analytics in future, an explicit opt-in banner will be deployed before deployment, in accordance with the Danish Cookiebekendtgørelsen and EDPB guidelines 03/2022.
04 . Terms of service
By using citetome.com or the api.citetome.com service, you agree to the following terms. These terms are governed by Danish law. Disputes are resolved by the courts of Copenhagen, Denmark, with the consumer's right of forum under Brussels Ia Regulation Art. 18 preserved where applicable.
4.1 Service description
Citetome provides Answer-Engine Optimisation (AEO) and Generative-Engine Optimisation (GEO) auditing and governance for websites. The service produces audit reports, generates remediation proposals, and maintains an append-only audit log of approved changes.
4.2 Acceptable use
- You may submit only domains you own or are authorised to optimise.
- You may not use the service for spam, cloaking, manipulating search rankings through deceptive content, or any practice prohibited by Google Search Essentials or the policies of major AI search providers.
- You may not reverse-engineer or scrape the dashboard or API beyond rate limits.
4.3 Pricing & payment
Pricing is set per the published price list at citetome.com/pricing. Audits are billed on completion; managed plans are billed monthly in advance. All prices are exclusive of VAT where applicable. Payment terms: 14 days net from invoice issue. Late payment interest is charged at the Danish national bank reference rate plus 8 percentage points per Renteloven § 5.
4.4 Cancellation & refunds
Managed plans can be cancelled at the end of any monthly billing cycle with no notice period. One-off audits are refundable in full until the audit run has started, and not refundable thereafter, except where required by mandatory consumer protection law.
4.5 Service level & limitation of liability
The service is provided on a commercially reasonable best-effort basis. We do not guarantee specific rankings, citation rates, or visibility outcomes in AI search engines, as these are governed by third-party algorithms outside our control. Liability for direct damages is capped at the fees paid by the customer in the 12 months preceding the claim. Liability for indirect, consequential, or lost-profit damages is excluded to the extent permitted by Danish law. Nothing in these terms limits liability for gross negligence, wilful misconduct, or personal injury.
05 . Governance pact
Every site enrolled in a managed plan signs the Citetome Governance Pact. The pact specifies:
- That every change is proposed before it is applied, with a diff preview.
- That the site owner retains a one-click reversal right for 30 days after any approved change.
- That every action (proposal, approval, rejection, reversal) is written to an append-only audit log addressable from
api.citetome.com/governance. - That tombstone-style deletion is supported, in line with GDPR Art. 17 and the EU AI Act transparency obligations applicable from August 2026.
06 . Intellectual property
All source code, design, copy, documentation, brand assets and logos on citetome.com and api.citetome.com are protected under Danish copyright law (Ophavsretsloven) and the Berne Convention. Copyright arises automatically upon creation; no registration is required. All rights reserved. The "Citetome" word mark and the bracket-and-dot logo are unregistered trade marks of the operator. A Community trade-mark filing is planned alongside the Citetome ApS incorporation.
You retain ownership of the content of your own website. By using the service, you grant Citetome a limited, non-exclusive licence to read, index, and propose changes to that content for the purpose of delivering the audit and governance service.
07 . Data processing addendum
Where Citetome processes personal data on behalf of a customer (acting as data processor under GDPR Art. 28), a separate Data Processing Addendum (DPA) is signed. The DPA mirrors the European Commission's Standard Contractual Clauses and covers: processing instructions, sub-processors, security measures, breach notification within 72 hours, audit rights, and post-termination return or deletion of data. Customers can request the DPA template at hello@citetome.com.
7.1 Sub-processors
| Sub-processor | Purpose | Location |
|---|---|---|
| Fly.io Inc. | Application hosting (api.citetome.com) | London, UK (lhr region) |
| GitHub Inc. | Marketing site hosting (citetome.com) | United States, with EU edge delivery |
| UptimeRobot | Uptime monitoring | Sweden / Germany edge |
08 . Contact & complaints
For privacy, contract, or technical enquiries, email hello@citetome.com. We respond within 5 working days for general enquiries and within 30 days for GDPR rights requests.
If you are not satisfied with our handling of a personal-data complaint, you have the right to lodge a complaint with the Danish supervisory authority:
Datatilsynet, Carl Jacobsens Vej 35, 2500 Valby, Denmark. Web: datatilsynet.dk. Phone: +45 33 19 32 00.
This page is provided in good faith and is updated when our processing or structure changes. Translated versions, where they exist, are provided for convenience; the English version is authoritative. No part of this notice constitutes legal advice.