MagpireSign in

Privacy policy

Last updated: 6 May 2026

Magpire (“we”, “us”) provides AI search visibility tooling for accountancy firms. This policy explains what personal data we process when you use the service, the lawful basis for that processing, and your rights under the UK GDPR.

Who we are

The data controller for personal data processed via the Service is Magpire Ltd, a company registered in England and Wales under company number 17172989. For any privacy or data-protection enquiry email sam@magpire.com.

Data we collect

  • Account data — name, business email, hashed password, the firm name and website URL you provide at signup.
  • Firm profile — country, location, specialisms, target client description, author name and credentials.
  • Audit + content data — pages, schema, citations, scores, and generated content artefacts produced by your Audits.
  • Billing data — handled by Stripe; we store your Stripe customer and subscription identifiers, not your card details.
  • Operational data — request logs (IP, user-agent, timestamp, response status) used to debug failures and apply rate limits.

Why we process it

  • To provide the service you contracted for (Article 6(1)(b) — contract).
  • To detect abuse and protect the platform (Article 6(1)(f) — legitimate interests).
  • To meet our tax, accounting, and fraud-prevention duties (Article 6(1)(c) — legal obligation).

International transfers

Some of our subprocessors are based outside the UK and EEA — Anthropic, Perplexity, DataForSEO, Resend, and Inngest in particular operate from the United States. Where personal data leaves the UK or EEA we rely on the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses (SCCs), or an applicable adequacy decision, and we contractually require equivalent technical and organisational safeguards.

Sub-processors

We rely on the following processors. Each is bound by a Data Processing Agreement and processes data on our documented instructions only. The full list with locations, roles, and transfer mechanisms is published at magpire.com/legal/subprocessors; we’ll notify account owners at least 30 days before adding a new subprocessor.

  • Supabase (PostgreSQL hosting, authentication) — EU region.
  • Vercel (application hosting, edge logs) — global edge with EU residency for primary functions.
  • Stripe (payments, subscription management) — UK + EU + US.
  • Anthropic(AI model inference for content generation and relevance scoring) — United States, under SCCs. Inputs and outputs are not used to train models per Anthropic’s commercial terms.
  • Perplexity, DataForSEO — United States, under SCCs. Used as data sources for SERP and AI engine citation checks. Only your firm name and public website URL are sent.
  • Resend (transactional email delivery) — US, under SCCs.
  • Sentry, Inngest, Upstash — error monitoring, background jobs, and rate-limit storage respectively. See the subprocessor page for locations.
  • Google (Search Console, Business Profile, Tag Manager) — only when the firm explicitly authorises an integration.

Retention

Account and Audit data is retained for as long as your subscription is active. On account deletion the data is soft-deleted immediately, made inaccessible from the product, and hard-deleted within 30 days. Billing records are retained for 7 years to meet UK statutory obligations.

Free Audit submissionsfrom visitors who don’t go on to create an account are kept for 90 days and then deleted automatically. We use them in that window to deliver the audit you requested, send any one-off reports you ask for, and detect abuse.

Your rights

Under UK GDPR you have the right to access, correct, port, restrict, or erase your personal data, and to object to processing. The dashboard exposes self-service export and account deletion under Settings → Account. For anything else email sam@magpire.com; we respond within 30 days.

Complaints

You can complain to the UK Information Commissioner’s Office at ico.org.uk/make-a-complaint if you believe we’ve mishandled your data.