HORDUS AI LTD.
PRIVACY POLICY
Last Updated: June 1, 2026
This Privacy Policy explains how Hordus AI Ltd. (“Hordus,” “we,” “us,” or “our”) collects, uses, stores, discloses, transfers, and protects personal data in connection with our website, platform, dashboards, AI visibility tools, GEO audits, content workflows, APIs, integrations, communications, and related services.
Hordus AI Ltd. is located at Harakevet 58, Tel Aviv, Israel.
For privacy questions or requests, contact: privacy@hordus.ai.
For security issues, contact: security@hordus.ai.
The Services are intended for business customers only and are not intended for consumers, children, or personal use.
1. Important Notice: No Personal Data in Customer Workspaces
Hordus is a B2B platform. Customer workspaces are designed to process business, company, website, content, and GEO-related data, not personal data.
Customers must not upload, submit, connect, or provide personal data to the platform, whether sensitive or non-sensitive, unless Hordus has expressly agreed in writing.
This means Customers should not upload:
- Personal contact lists.
- Consumer data.
- Employee records.
- Candidate or HR data.
- Health data.
- Financial account data.
- Government IDs.
- Children’s data.
- Sensitive personal data.
- Private communications.
- Any other information that identifies or can reasonably identify a natural person.
Hordus may still collect limited personal data from business representatives who interact with Hordus, such as business contact details, account login data, support communications, cookie data, and website usage data. This is explained below.
2. When This Privacy Policy Applies
This Privacy Policy applies to:
- Visitors to the Hordus website.
- People who request a demo, report, audit, or consultation.
- Business representatives who communicate with Hordus.
- Authorized users of Hordus customer workspaces.
- Prospects, partners, suppliers, and service providers.
- Users who interact with Hordus marketing, emails, forms, or events.
- Users whose browser or device interacts with Hordus cookies, analytics tools, or advertising pixels.
This Privacy Policy does not apply to third-party websites, AI providers, search engines, social platforms, publishers, or integrations that are not controlled by Hordus.
3. Our Role
Depending on the context, Hordus may act as:
- A controller or business when we operate our website, manage accounts, respond to inquiries, run marketing, secure the Services, analyze usage, and manage customer relationships.
- A processor or service provider when we process Customer Data on behalf of a business customer under that customer’s instructions.
Where required, Hordus’s Data Processing Addendum and Subprocessor information are available upon request.
4. Personal Data We Collect
Although Customer workspaces should not contain personal data, we may collect the following limited categories of personal data in connection with operating our business and Services.
A. Business Contact Data
This may include:
- Name.
- Business email.
- Business phone number.
- Job title.
- Company name.
- Department.
- Country or region.
- LinkedIn or business profile information.
- Communication preferences.
B. Account and Authentication Data
This may include:
- User name.
- Business email.
- Account ID.
- Workspace ID.
- User role.
- Login records.
- Authentication tokens.
- API key metadata.
- Permissions.
- Session information.
- Security logs.
C. Website and Device Data
This may include:
- IP address.
- Browser type.
- Device type.
- Operating system.
- Referring URL.
- Pages viewed.
- Time spent on pages.
- UTM parameters.
- Approximate location derived from IP address.
- Cookie identifiers.
- Pixel identifiers.
- Interaction events.
- Log data.
D. Communications and Support Data
This may include:
- Emails.
- Messages.
- Demo requests.
- Support tickets.
- Meeting notes.
- Feedback.
- Survey responses.
- Call summaries.
- Contract-related correspondence.
E. Billing and Commercial Data
This may include:
- Billing contact details.
- Subscription plan.
- Invoice details.
- Payment status.
- Tax information.
- Purchase history.
- Order Form details.
Payment card information, if used, is processed by payment providers and is not intended to be stored directly by Hordus.
F. Platform Usage Data
This may include:
- Login activity.
- Feature usage.
- Workspace activity.
- Tool calls.
- Audit activity.
- Draft generation activity.
- Export activity.
- API activity.
- Error logs.
- Performance logs.
- Security and abuse-prevention logs.
G. Customer Workspace Data
Customer workspace data may include business and website-related data such as:
- Company URLs.
- Website pages.
- Product descriptions.
- Brand guidelines.
- Public website content.
- Prompts.
- Topics.
- AI answer records.
- Citation sources.
- Competitor lists.
- Audit findings.
- Content opportunities.
- Drafts.
- Reports.
- Recommendations.
- Comments and instructions.
Customer workspace data must not include personal data.
5. Sources of Personal Data
We collect personal data from:
- You, when you submit forms, communicate with us, create an account, or use the Services.
- Your organization, when it creates or manages a Hordus workspace.
- Your browser or device, through cookies, pixels, logs, and analytics tools.
- Service providers, such as CRM, analytics, advertising, email, security, hosting, and support tools.
- Third-party integrations authorized by your organization.
- Public business sources, where relevant to business development, market research, or GEO analysis.
6. How We Use Personal Data
We use personal data for the following purposes:
- To provide, operate, maintain, and secure the Services.
- To create and manage accounts and workspaces.
- To authenticate users and manage permissions.
- To respond to demo requests, questions, and support inquiries.
- To perform GEO analysis, AI visibility analysis, content workflows, site audits, and reporting.
- To generate business reports, recommendations, briefs, and draft content.
- To monitor usage, performance, reliability, and security.
- To prevent fraud, abuse, unauthorized access, and misuse.
- To send service notices, administrative messages, security alerts, and billing communications.
- To send marketing communications, newsletters, event invitations, and product updates, subject to opt-out rights.
- To measure advertising and marketing effectiveness.
- To improve our website, Services, workflows, user experience, and product features.
- To comply with legal obligations.
- To enforce agreements and protect rights.
- To create aggregated or de-identified insights that do not identify individuals.
7. Legal Bases for Processing
Where GDPR, UK GDPR, or similar laws apply, we rely on the following legal bases:
| Processing Purpose | Legal Basis |
|---|---|
| Providing the Services | Contract performance or legitimate interests |
| Managing accounts and workspaces | Contract performance or legitimate interests |
| Customer support | Contract performance or legitimate interests |
| Security, fraud prevention, and abuse prevention | Legitimate interests and legal obligations |
| Website analytics | Consent or legitimate interests, depending on jurisdiction and tool |
| Advertising pixels and retargeting | Consent where required; opt-out rights where applicable |
| Marketing emails | Consent or legitimate interests, with opt-out rights |
| Billing, tax, and accounting | Legal obligation and contract performance |
| Legal claims and enforcement | Legitimate interests and legal obligations |
| Processing Customer Data on behalf of a customer | Customer instructions under applicable agreement and DPA |
8. Cookies, Pixels, Analytics, and Tracking Technologies
We use cookies, pixels, tags, scripts, local storage, SDKs, and similar technologies.
These may include:
- Google Analytics.
- Google Tag Manager.
- Google Ads.
- LinkedIn Insight Tag.
- Meta Pixel.
- HubSpot.
- Hotjar.
- Microsoft Clarity.
- Other analytics, advertising, CRM, security, and performance tools.
We use these technologies to:
- Operate the website and Services.
- Authenticate users.
- Remember preferences.
- Analyze traffic and product usage.
- Understand user journeys.
- Improve performance.
- Support marketing attribution.
- Run advertising and retargeting.
- Measure campaign performance.
- Detect security issues and abuse.
Some cookies are strictly necessary. Others, including analytics, advertising, retargeting, and behavioral tracking technologies, may require consent depending on your location.
Where required, we use a cookie banner or consent-management tool that allows users to accept, reject, or manage non-essential cookies.
You can also manage cookies through your browser settings and through the cookie settings tool available on our website.
9. Advertising, Retargeting, and “Sale” or “Sharing”
Hordus uses advertising and retargeting technologies, including tools such as Google Ads, LinkedIn Insight Tag, Meta Pixel, and similar technologies.
We do not sell personal data for money.
However, under some U.S. privacy laws, including California law, certain advertising, retargeting, analytics, or cross-context behavioral advertising activities may be considered a “sale,” “sharing,” or “targeted advertising.”
Where applicable, you may opt out of such activities by:
- Using the cookie settings tool on our website.
- Using a “Do Not Sell or Share My Personal Information” link where displayed.
- Sending a request to privacy@hordus.ai.
- Using browser-based opt-out signals where legally required, such as Global Privacy Control.
10. AI Providers and Model Processing
Hordus may use AI providers and large language model providers to provide parts of the Services.
These may include:
- OpenAI.
- Anthropic.
- Google/Gemini.
- Perplexity.
- Other AI, language model, classification, summarization, embedding, or analysis providers.
AI providers may be used to:
- Analyze AI answers.
- Summarize sources.
- Classify prompts, topics, citations, and sentiment.
- Generate recommendations.
- Generate content briefs.
- Generate draft content.
- Rewrite or improve draft sections.
- Create metadata, FAQ suggestions, schema suggestions, or reports.
Hordus does not use Customer Data to train public foundation models.
Customer should not submit personal data, confidential personal information, or sensitive data into the Services.
11. How We Share Personal Data
We may share personal data with:
- Cloud hosting and infrastructure providers.
- AI providers and model service providers.
- Analytics providers.
- Advertising and retargeting providers.
- CRM and marketing automation providers.
- Email and communication providers.
- Security and fraud-prevention providers.
- Customer support providers.
- Payment and billing providers.
- Professional advisors, including lawyers, accountants, auditors, and insurers.
- Authorized customer administrators.
- Third-party integrations authorized by the Customer.
- Public authorities, courts, regulators, or law enforcement where required by law.
- Parties involved in a merger, acquisition, financing, restructuring, or sale of assets.
- Other parties where you or your organization direct us to share information.
Hordus’s Data Processing Addendum and Subprocessor information are available upon request.
12. International Transfers
Hordus is based in Israel and may process personal data in Israel, the European Economic Area, the United Kingdom, the United States, and other countries where Hordus or its service providers operate.
Where required by applicable law, we use appropriate safeguards for international transfers, such as:
- Adequacy decisions.
- Standard Contractual Clauses.
- Data Processing Addenda.
- Transfer impact assessments.
- Contractual and technical safeguards.
- Other lawful transfer mechanisms.
13. Data Retention
We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.
Unless otherwise agreed in an Order Form or required by law:
- Customer workspace data is retained for up to 90 days after termination or account closure.
- Drafts, reports, audit records, and generated outputs are retained for up to 90 days after termination or account closure.
- Account, billing, tax, security, and legal records may be retained for longer where required for compliance, accounting, security, dispute resolution, or legitimate business purposes.
- Backup copies may persist for a limited period according to backup cycles.
- Marketing contact data is retained until opt-out, deletion request, or inactivity-based deletion.
- Security logs may be retained as needed to protect the Services and investigate abuse.
14. Security
We use reasonable technical, organizational, and administrative safeguards designed to protect personal data.
These may include:
- Access controls.
- Authentication.
- Permission management.
- Encryption where appropriate.
- Monitoring and logging.
- Security reviews.
- Vendor review.
- Abuse-prevention controls.
- Incident response procedures.
- Least-privilege access practices.
No method of transmission or storage is completely secure.
If you believe there has been a security issue, contact security@hordus.ai.
15. Your Privacy Rights
Depending on your location and applicable law, you may have the right to:
- Access personal data.
- Correct inaccurate personal data.
- Delete personal data.
- Restrict processing.
- Object to processing.
- Withdraw consent.
- Receive a portable copy of personal data.
- Opt out of marketing communications.
- Opt out of sale, sharing, targeted advertising, or certain profiling, where applicable.
- Appeal a denied privacy request, where required by law.
- Lodge a complaint with a data protection authority.
To exercise rights, contact privacy@hordus.ai.
We may need to verify your identity and authority before fulfilling a request.
If your request relates to personal data processed by Hordus on behalf of a Customer, we may refer the request to that Customer or act according to that Customer’s instructions.
16. Israel Privacy Notice
Where Israeli privacy law applies, you may have rights to inspect information about you, request correction or deletion of inaccurate, incomplete, unclear, or outdated information, and exercise other rights under applicable law.
Hordus’s contact for privacy requests is:
Hordus AI Ltd.
Harakevet 58
Tel Aviv, Israel
Email: privacy@hordus.ai
17. EEA, EU, and UK Privacy Notice
If you are located in the European Economic Area, European Union, or United Kingdom, you may have rights under applicable data protection law, including the right to access, rectify, erase, restrict, object, port data, and withdraw consent.
You also have the right to lodge a complaint with your local data protection authority.
Hordus does not intentionally collect personal data in Customer workspaces. Business contact, account, website, cookie, marketing, support, and usage data may still be processed as described in this Privacy Policy.
18. California and U.S. State Privacy Notice
This section applies where Hordus is subject to the California Consumer Privacy Act, as amended by the California Privacy Rights Act, or similar U.S. state privacy laws.
Categories of Personal Information Collected
In the last 12 months, Hordus may have collected the following categories of personal information:
- Identifiers, such as name, business email, IP address, cookie ID, account ID, and online identifiers.
- Commercial information, such as subscription details, billing records, and service history.
- Internet or electronic network activity, such as website visits, product usage, logs, referring pages, and interaction data.
- Professional or employment-related information, such as job title, company, department, and business contact information.
- Approximate geolocation, such as location inferred from IP address.
- Inferences, such as product interest, marketing segment, or usage patterns.
- Communications, such as support requests, demo requests, and business correspondence.
Hordus does not intentionally collect sensitive personal information and does not permit Customers to upload sensitive personal information to the Services.
Sources
We collect personal information from:
- You.
- Your organization.
- Your browser or device.
- Service providers.
- Advertising and analytics tools.
- Public business sources.
- Authorized integrations.
Purposes
We use personal information for the business and commercial purposes described in this Privacy Policy, including providing the Services, managing accounts, improving the Services, security, support, marketing, analytics, advertising, and legal compliance.
Disclosure
We may disclose personal information to service providers, contractors, subprocessors, authorized customer administrators, advisors, legal authorities, and business transaction parties.
Sale, Sharing, and Targeted Advertising
Hordus does not sell personal information for money.
Because we use advertising and retargeting tools, we may engage in activities that may be considered “sharing,” “sale,” or “targeted advertising” under some U.S. privacy laws.
You may opt out by using the cookie settings tool on our website, using the “Do Not Sell or Share My Personal Information” link where displayed, enabling legally recognized browser opt-out signals where required, or contacting privacy@hordus.ai.
California Privacy Rights
California residents may have the right to:
- Know what personal information we collect, use, disclose, sell, or share.
- Access personal information.
- Delete personal information.
- Correct inaccurate personal information.
- Opt out of sale or sharing.
- Limit use of sensitive personal information, if applicable.
- Not be discriminated against for exercising privacy rights.
To exercise rights, contact privacy@hordus.ai.
19. Marketing Communications
You may opt out of marketing emails at any time by using the unsubscribe link in the email or contacting privacy@hordus.ai.
Even if you opt out of marketing emails, we may still send service, security, billing, legal, and administrative communications.
20. Children
The Services are intended for business users and are not directed to children.
We do not knowingly collect personal data from children under 16.
If you believe that a child has provided personal data to Hordus, contact privacy@hordus.ai.
21. Automated Analysis
Hordus may use automated tools, including AI systems, to analyze business websites, prompts, AI answers, citations, sources, competitors, audit findings, and content opportunities.
These tools support business recommendations and content workflows.
Hordus does not use automated decision-making to make legal or similarly significant decisions about individuals.
22. Aggregated and De-Identified Data
We may create aggregated, statistical, or de-identified data from use of the Services.
We may use such data to:
- Improve the Services.
- Develop benchmarks.
- Analyze market trends.
- Improve security and performance.
- Create product insights.
- Publish aggregated insights that do not identify Customers or individuals.
We will not attempt to re-identify de-identified data except as permitted by law.
23. Third-Party Websites and Services
The Services may link to or analyze third-party websites, AI platforms, search engines, social networks, forums, publishers, analytics tools, content platforms, or integrations.
Hordus is not responsible for the privacy practices, security practices, content, or policies of third parties.
24. Data Processing Addendum and Subprocessors
Where required, Hordus’s Data Processing Addendum and Subprocessor information are available upon request.
Requests may be sent to privacy@hordus.ai.
25. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
Updated versions will be posted on the Hordus website with a new “Last Updated” date.
If changes are material, we may provide additional notice by email, dashboard notice, or other reasonable means.
26. Contact
For privacy questions or rights requests:
Hordus AI Ltd.
Harakevet 58
Tel Aviv, Israel
Email: privacy@hordus.ai
For security issues:
Email: nir@hordus.ai