SONARI
// SIGNAL CONTROL
How it worksSystemsPricingAboutSign inScan free
How it worksSystemsPricingAboutSign inScan free
← Back to Sonari

Privacy Policy

Last updated: June 25, 2026

This Privacy Policy explains how START SOLUÇÕES LTDA ("Sonari," "we," "us," or "our") collects, uses, and protects your information when you use the Sonari platform. By creating an account or using Sonari, you agree to the practices described in this policy. If you do not agree, please do not use the service.

1. Information We Collect

We collect only what is necessary to provide the Sonari service. Here is a specific breakdown of each category:

Account Data: When you register, we collect your email address and a password. Your password is never stored in readable form — it is immediately processed through bcrypt, a one-way cryptographic hashing algorithm. We store only the resulting hash. Neither Sonari staff nor any automated system can read or recover your original password.

Analysis Inputs and Results: Every time you run a Sonari tool — a site audit, keyword research query, live rank check, backlink scan, AI-visibility check, GEO/AEO analysis, or a conversation with Sonari AI — we record the inputs you provided (such as domains, keywords, and URLs) and the reports or recommendations generated in response. These records are saved to your account history so you can review past analyses at any time.

Technical and Usage Data: We collect standard technical information required to operate a web application securely and reliably. This includes your IP address, browser type and version, operating system, pages or features accessed within Sonari, timestamps of actions, and error logs. This data is used for security monitoring, performance optimization, and diagnosing technical problems.

Session Cookie: We use a single, essential, httpOnly cookie named sonari_session to keep you authenticated while you are logged in. This cookie contains a session identifier, is transmitted only over HTTPS, is inaccessible to client-side JavaScript, and expires when your session ends or you log out. We do not use advertising cookies, cross-site tracking cookies, or any non-essential cookies.

2. How We Use Your Information

We use the information we collect exclusively to operate, maintain, and improve Sonari. Specifically:

To provide the service: Your account data authenticates you. Your analysis inputs are sent to our data providers to retrieve SEO, SERP, backlink, and AI-visibility data. Your analysis results are stored to your account history so you can revisit them.

To generate AI recommendations: Inputs and retrieved data are processed by our AI language model (hosted on Groq) to produce the written recommendations and Sonari AI advisor responses you receive.

To operate the platform securely: Technical and usage data lets us detect abuse, diagnose errors, enforce our Terms of Service, and keep the system running reliably.

To communicate with you: We may use your email address to send service-critical messages, such as account verification, password reset, and material changes to this policy. We do not send marketing emails without your separate, explicit consent.

We do not use your data to build advertising profiles, train AI models on your personal inputs without your consent, or share your information with third parties for their own marketing purposes.

3. Cookies

Sonari uses exactly one cookie: sonari_session. It is strictly necessary — without it, you cannot stay authenticated while using the platform.

It is set with the HttpOnly flag, meaning it cannot be read by JavaScript running in your browser. It is transmitted exclusively over HTTPS (the Secure flag is set). It contains no persistent identifier tied to your browsing behavior outside of Sonari, and is not used for advertising or cross-site tracking. It expires at the end of your browser session or when you explicitly log out.

Because this cookie is strictly necessary for the service to function, we do not require a separate consent banner for it under applicable law. However, you can clear it at any time through your browser settings, which will log you out of Sonari.

  • Cookie name: sonari_session
  • Purpose: Session authentication (strictly necessary)
  • Type: httpOnly, Secure, first-party
  • Duration: Session (expires on logout or browser close)
  • Advertising or tracking: None

4. Third-Party Subprocessors and Data Sharing

We do not sell your personal data. We do not share your data with third parties for their independent marketing or advertising purposes. We work with a limited set of subprocessors who process data on our behalf, under contractual obligations to protect it:

DataForSEO: When you run keyword research, rank tracking, backlink scans, or SERP-related analyses, relevant inputs (such as domains, keywords, and URLs) are transmitted to DataForSEO's API to retrieve the underlying data. DataForSEO acts as a data processor for this purpose.

Groq: When you use any AI-powered feature — including site audit recommendations, GEO/AEO suggestions, and the Sonari AI advisor chat — the relevant inputs and retrieved data are sent to Groq's infrastructure, which runs the large language model that generates responses. Groq acts as a data processor for this purpose.

Vercel: Sonari is hosted on Vercel's infrastructure. Your requests to Sonari pass through Vercel's servers and edge network. Vercel processes technical data (such as IP addresses and request logs) as part of operating the hosting environment.

Stripe: Where payment processing is applicable, transactions are handled directly by Stripe. When you provide payment information, it goes to Stripe, not to Sonari. We never receive, see, or store your full card number, CVV, or other raw payment credentials.

We may also disclose information if required by law, court order, or government authority, or to protect the rights, safety, or property of Sonari, our users, or the public.

5. Data Retention and Security

We retain your account data and analysis history for as long as your account is active. If you request deletion of your account, we will delete or anonymize your personal data within a reasonable timeframe, except where retention is required by applicable law or legitimate legal obligations.

Technical and usage logs are retained for a limited period for security and diagnostic purposes, typically not exceeding 90 days, unless a specific incident requires longer retention.

No method of electronic storage or transmission is 100% secure. While we apply industry-standard protections, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at support@sonari.app.

  • Passwords: bcrypt-hashed, never stored in plain text
  • Data in transit: Encrypted via HTTPS/TLS
  • Session cookie: HttpOnly + Secure flags
  • Account deletion: Personal data deleted or anonymized on request
  • Log retention: Typically up to 90 days

6. Your Privacy Rights (LGPD and GDPR)

Depending on your location, you may have the following rights regarding your personal data. Sonari respects and supports these rights for all users, with particular attention to requirements under Brazil's Lei Geral de Proteção de Dados (LGPD) and the European Union's General Data Protection Regulation (GDPR).

Right of Access: You may request a copy of the personal data we hold about you.

Right of Correction: You may request that inaccurate or incomplete data be corrected.

Right of Deletion (Right to be Forgotten): You may request that we delete your personal data. We will honor this request unless we are legally required to retain certain data.

Right of Portability: You may request your data in a structured, machine-readable format so you can transfer it to another service.

Right to Object or Restrict Processing: You may object to certain types of processing or request that we limit how we use your data in specific circumstances.

Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, send a written request to support@sonari.app with enough information to verify your identity (such as the email address associated with your account). We will respond within the timeframe required by applicable law — typically 15 days under LGPD and 30 days under GDPR, with the possibility of a single extension where the request is complex.

If you are located in Brazil, you also have the right to file a complaint with the Autoridade Nacional de Proteção de Dados (ANPD). If you are in the European Union or EEA, you may lodge a complaint with your local supervisory authority.

7. Children

Sonari is intended for users who are 18 years of age or older. We do not knowingly collect personal data from anyone under 18.

If you are a parent or guardian and believe your child has created an account or submitted personal data through Sonari, please contact us at support@sonari.app and we will promptly investigate and delete any such data.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our service, or applicable law. When we make material changes, we will notify you by email (to the address associated with your account) and/or by posting a notice within the Sonari application prior to the change taking effect.

The updated policy will be effective as of the date indicated at the top of the document. Your continued use of Sonari after that date constitutes your acceptance of the updated policy.

9. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or how we handle your personal data, please contact us at support@sonari.app.

Operating entity: START SOLUÇÕES LTDA, under the laws of Brazil. We aim to respond to all privacy-related inquiries within 5 business days and to fulfill formal rights requests within the legally required timeframes. For verified account deletion or data export requests, please include your registered email address and a brief description of your request.

Sonari is operated by START SOLUÇÕES LTDA · CNPJ 43.236.832/0001-14.PrivacyTermsRefundsAboutContact

Stop guessing. Start ranking.

See where you show up on Google and AI, why competitors beat you, and the exact plan to close the gap. Free scan — results in minutes.

Scan my site — free
SONARI // SIGNAL CONTROL · ALL SYSTEMS NOMINAL
AboutPrivacyTermsRefundsContact
START SOLUÇÕES LTDA · CNPJ 43.236.832/0001-14
Sonari is an independent platform and is not affiliated with, endorsed by or sponsored by Google, OpenAI, Anthropic, Perplexity or any other third-party platform. All trademarks belong to their respective owners.