Privacy Policy

Effective Date: December 25, 2024

1. Introduction

PageSEO ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SEO recommendation service.

We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Profile picture (if provided via authentication provider)

2.2 Website Data

To provide our service, we collect:

  • Domain names you add to your account
  • Google Search Console data (search queries, impressions, clicks, position data)
  • Page metadata (titles, descriptions, headings) from your websites

2.3 Usage Data

We automatically collect:

  • Service usage patterns (recommendations viewed, actions taken)
  • Technical data (browser type, device information, IP address)
  • Session and activity logs

3. How We Use Your Information

We use your information to:

  • Provide personalized SEO recommendations
  • Analyze your website performance data
  • Send service-related communications
  • Improve our service and develop new features
  • Comply with legal obligations
  • Prevent fraud and abuse

4. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract: To provide the service you requested
  • Legitimate Interest: To improve and secure our service
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws

5. Data Sharing

We share your data with:

  • Service Providers: Hosting (Vercel), database (Neon), authentication (Clerk), analytics
  • API Providers: Google Search Console API, OpenAI (for AI features)
  • Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

6. Data Retention

We retain your data as follows:

  • Account Data: For as long as your account is active
  • Search Console Data: Up to 90 days
  • Page Metadata: Up to 90 days from the most recent crawl
  • Usage Logs: Up to 30 days
  • Crawl Jobs: Up to 7 days (completed/failed)
  • Recommendation History: Stored while the related site remains in your account

The data export feature is provided for data access and portability and does not delete your data. To delete a site and its associated data, you can delete the site within the product. To request deletion of your account or other personal data, contact us at privacy@pageseo.ai.

7. Your Rights

Under GDPR and CCPA, you have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain processing activities
  • Withdraw Consent: Revoke consent at any time

To request access or portability, use the data export feature in your account settings. To delete a site and its associated data, delete the site within the product. For all other requests (including account deletion), contact us at privacy@pageseo.ai.

8. Security

We implement appropriate security measures including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Secure authentication via Clerk
  • Regular security audits and testing
  • Access controls and logging
  • Secure token storage with encryption

9. Third-Party Services

We use the following third-party services:

  • Clerk: Authentication and user management
  • Vercel: Hosting and infrastructure
  • Neon: Database hosting
  • Google: Search Console API
  • OpenAI: AI-powered recommendations
  • Upstash: Rate limiting and caching

Each service has its own privacy policy governing their data practices.

10. Google API Services

PageSEO's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

  • Only request the minimum necessary scope (webmasters.readonly) to provide our service
  • Use Google Search Console data solely to generate SEO recommendations for you
  • Do not use Google data for advertising purposes
  • Do not sell Google user data to third parties
  • Do not use Google data to build user profiles for advertising
  • Store Google API credentials securely with AES-256-GCM encryption
  • Allow you to revoke access at any time through Google Account settings or our service

11. Cookies

We use essential cookies for:

  • Authentication and session management
  • Security (CSRF protection)
  • User preferences

We do not use advertising or tracking cookies.

12. International Data Transfers

Your data may be processed in the United States where our service providers are located. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where required.

13. Children's Privacy

Our service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

15. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at:

  • Email: privacy@pageseo.ai
  • Data Controller: PageSEO

If you are in the EU and believe your rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority.