1. Who we are

DebunkTheAI.com is an editorial website focused on analysis, reviews, and commentary about AI tools and AI-enabled software. For the purposes of applicable data protection laws, DebunkTheAI.com is the controller of personal data collected through this website unless this policy states otherwise.

2. Scope

This Privacy Policy applies to information collected through the website, related emails, subscription forms, contact forms, comments, analytics tools, affiliate-link tracking mechanisms, and other online interactions connected to DebunkTheAI.com. It does not apply to third-party websites, services, tools, merchants, or platforms linked from this site.

3. Data we collect

Modern privacy notices are expected to clearly identify categories of personal data collected, the purposes for collection, and third-party access [web:158]. We may collect the following categories of information:

4. How data is collected

Privacy guidance in 2026 emphasizes clearly describing how data is collected and why [web:158]. We may collect information:

• Directly from you when you contact us, subscribe, comment, or otherwise submit information.
• Automatically through cookies, similar technologies, analytics tools, server logs, and affiliate-tracking mechanisms.
• From third-party services that help us operate the website, such as hosting, analytics, email delivery, anti-spam, affiliate networks, or content delivery providers.

5. How we use data

Current privacy checklists stress that data collection purposes should be explicitly stated and limited to specific uses [web:158][web:172]. We may use personal data to:

• Operate, maintain, secure, and improve the website.
• Respond to messages, correction requests, and business inquiries.
• Send newsletters or updates where you have requested them or where otherwise permitted by law.
• Measure traffic, engagement, and content performance.
• Detect fraud, abuse, unauthorized access, or technical problems.
• Administer affiliate relationships and understand referral performance.
• Comply with legal obligations, enforce terms, and protect rights, property, and safety.

6. Legal bases for processing

Where the GDPR or similar laws apply, we process personal data only where we have a valid legal basis. Depending on the context, that legal basis may be:

• Consent: for example, where you opt in to non-essential cookies or subscribe to marketing emails.
• Legitimate interests: for website administration, analytics, security, editorial operations, and business improvement, provided those interests are not overridden by your rights.
• Performance of a contract or pre-contractual steps: where you request information or a service from us.
• Legal obligation: where processing is required to comply with applicable law, regulation, tax, accounting, or law-enforcement requests.

Modern WordPress privacy compliance guidance also expects websites to identify these legal bases in the policy where relevant [web:164].

7. Cookies and tracking technologies

Privacy and affiliate-compliance guidance in 2026 emphasizes that websites using analytics, cookies, or affiliate tracking should explain those technologies and, where required, obtain consent before non-essential tracking occurs [web:165][web:167][web:171]. This website may use:

• Strictly necessary cookies to operate the site, maintain security, and preserve basic preferences.
• Analytics cookies or tags to understand site usage, traffic sources, and content performance.
• Affiliate-tracking technologies to attribute referral traffic and commissions when users click partner links.
• Consent-management cookies to remember your privacy preferences.

Where legally required, we will seek your consent before placing or activating non-essential cookies or similar tracking technologies. You can also manage cookies through your browser settings, though some site functions may not work correctly if certain cookies are disabled.

8. Sharing and disclosure of personal data

Privacy policies are expected to identify third parties with access to personal data and the categories of data involved [web:158]. We may disclose personal data to the following categories of recipients where necessary:

• Hosting providers, security services, CDN providers, and technical infrastructure partners.
• Analytics providers and website performance tools.
• Email delivery and newsletter providers.
• Anti-spam, fraud prevention, and moderation services.
• Affiliate platforms, merchants, or referral-tracking providers.
• Professional advisers, auditors, insurers, and legal counsel.
• Regulators, law enforcement, courts, or other authorities when required by law or to protect rights and safety.
• A buyer or successor in connection with a merger, sale, reorganization, or transfer of assets.

We do not sell personal information for monetary consideration in the ordinary meaning of that phrase. However, some privacy laws define “sell” or “share” broadly enough that certain analytics, advertising, or affiliate-tracking arrangements may fall within those definitions, so users should read the California notice below carefully [web:159][web:161].

9. International data transfers

Because our service providers, infrastructure, and technology partners may operate in multiple countries, personal data may be processed outside your country, including outside the European Economic Area or the United Kingdom. Where required, we take reasonable steps intended to ensure such transfers are made under appropriate safeguards, such as contractual protections or other lawful transfer mechanisms.

10. Data retention

Current privacy guidance expects websites to disclose retention practices [web:158]. We retain personal data only for as long as reasonably necessary for the purposes described in this policy, including to:

• Provide the website and associated services.
• Maintain records of consent and privacy choices.
• Respond to correspondence and support requests.
• Meet legal, tax, accounting, and compliance obligations.
• Resolve disputes and enforce agreements.

Retention periods vary by data type and context. For example, server logs and analytics data may be retained for limited technical or reporting periods, while business correspondence may be retained longer where necessary for legal or operational purposes.

11. Data security

We use reasonable administrative, technical, and organizational measures designed to protect personal data from unauthorized access, disclosure, alteration, loss, or misuse. No internet-based service can guarantee absolute security, and you provide information at your own risk. If we become aware of a data incident requiring notice under applicable law, we will take steps consistent with those legal requirements.

12. Your privacy rights

Depending on your location, you may have rights regarding your personal data, including rights to:

• Know or access the personal data we hold about you.
• Request correction of inaccurate personal data.
• Request deletion of personal data, subject to legal exceptions.
• Object to certain processing or request restriction of processing.
• Withdraw consent where processing is based on consent.
• Request portability of certain personal data.
• Opt out of certain sales, sharing, profiling, targeted advertising, or similar activities where applicable.
• Lodge a complaint with a supervisory authority or regulator if you believe your rights have been violated.

To exercise a privacy right, email [email protected]. We may need to verify your identity before processing certain requests.

13. California privacy notice

California privacy rules in effect in 2026 require businesses to clearly disclose the categories of personal information collected, the purposes for using it, and whether personal information is sold or shared, and they also place emphasis on honoring opt-out signals such as Global Privacy Control where applicable [web:159][web:160]. If you are a California resident, you may have rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of certain sales or sharing of personal information [web:159][web:160].

Subject to applicable thresholds and exemptions, California residents may also have the right to limit the use and disclosure of sensitive personal information and to be free from unlawful discrimination for exercising privacy rights [web:159].

Categories collected

During the prior 12 months, we may have collected the categories described in Section 3 above, including identifiers, internet activity information, communications, marketing and consent data, commercial/referral data, and user-generated content.

Sale or sharing

We do not knowingly sell personal information for money. However, some uses of analytics, referral tracking, or third-party marketing technologies may be considered “sharing” or a “sale” under California law depending on the technical setup and legal interpretation [web:159][web:161]. If your implementation uses such technologies, you should provide an appropriate “Do Not Sell or Share My Personal Information” mechanism and honor valid opt-out preference signals where legally required [web:159].

Global Privacy Control

Where required by law and technically implemented on the site, we will recognize a valid browser-based Global Privacy Control signal as a request to opt out of applicable sale or sharing activities [web:159].

14. Children’s privacy

This website is not directed to children under the age of 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal information through this website, contact us and we will take appropriate steps to investigate and, if appropriate, delete the information.

15. Changes to this policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. When we do, we will revise the “Effective date” at the top of this page. Material changes may also be communicated through the website or by other appropriate means.

16. Contact us

If you have questions about this Privacy Policy, want to submit a privacy request, or need to contact us regarding personal data, please email [email protected].