📋 Privacy Policy

How We Use Your Information

We use your data for legitimate business purposes, each with a clear legal basis:

Service Delivery (Contractual Basis):

• Provide and maintain our SEO autocomplete influence services
• Process payments and manage your subscription
• Deliver campaign reports and performance analytics
• Provide customer support and technical assistance

Legal Compliance (Legal Obligation):

• Tax reporting and financial record keeping
• Anti-fraud and security monitoring
• Compliance with data protection laws and regulations
• Respond to legal requests and protect our rights

Legitimate Interests (Where Legally Permitted):

• Improve service performance and user experience
• Analyze usage patterns to enhance our technology
• Send important service announcements and updates
• Detect and prevent abuse or fraudulent activity

With Your Consent (Where Required):

• Marketing communications (you can opt-out anytime)
• Non-essential cookies and analytics
• Optional features that require additional data processing

Every piece of data has a job to do. We don't collect stuff just because we can—there's always a legitimate reason backed by solid legal ground.

Cookies and Tracking Technologies

We use cookies and similar technologies in compliance with global privacy laws including the EU ePrivacy Directive and similar regulations:

Essential Cookies (No Consent Required):

• Session management and user authentication
• Security features and fraud prevention
• Load balancing and site functionality
• Shopping cart and form data preservation

Analytics Cookies (Consent Required):

• Google Analytics for usage statistics and performance monitoring
• Heatmap tools to understand user interaction patterns
• A/B testing platforms for service improvements

Marketing Cookies (Consent Required):

• Retargeting pixels for relevant advertising
• Social media integration features
• Campaign attribution and conversion tracking

You can manage your cookie preferences through our consent banner or browser settings. Rejecting non-essential cookies won't break the service, but might limit some features. We respect Global Privacy Control (GPC) signals where legally required.

Third-Party Services and Data Sharing

We work with trusted partners who help us deliver our services:

Payment Processing:

• Stripe: Secure payment processing and subscription management
• Tax calculation services for compliance with local tax laws

Infrastructure and Security:

• Cloud hosting providers with appropriate security certifications
• Content delivery networks (CDNs) for performance optimization
• Security monitoring and threat detection services

Analytics and Marketing:

• Google Analytics and similar platforms (with consent)
• Email service providers for transactional and marketing communications
• Customer support platforms for ticket management

All third parties are vetted for security and privacy practices. We use data processing agreements (DPAs) and standard contractual clauses (SCCs) where required. We don't sell your data to anyone, ever.

We pick our partners like we pick our friends—carefully, with high standards, and with proper contracts in place.

International Data Transfers

We may transfer your data internationally to provide our services, but we do it safely:

Transfer Safeguards:

• EU adequacy decisions for transfers to approved countries
• Standard Contractual Clauses (SCCs) for other transfers
• Additional technical safeguards like encryption and access controls
• Transfer Impact Assessments for high-risk destinations

Primary Data Locations:

• EU/EEA for European users where technically feasible
• United States with appropriate safeguards for global operations
• Regional data centers where required by local laws

We don't transfer data to countries with inadequate privacy protections unless absolutely necessary and with maximum safeguards. If you're in a jurisdiction requiring data localization, we comply with those requirements.

Automated Decision-Making and AI

We use some automated systems and AI in our service delivery:

Campaign Optimization: Our algorithms automatically adjust campaign parameters based on performance data to improve results. You can request human review of any automated decisions that significantly affect your campaigns.

Fraud Detection: We use automated systems to detect suspicious activity and protect against abuse. If your account is affected by an automated decision, you can appeal and request human review.

Content Recommendations: We may suggest keywords or improvements based on algorithmic analysis of your data and market trends. These are recommendations, not binding decisions.

Under GDPR Article 22 and similar laws, you have the right not to be subject to purely automated decision-making with significant effects. Our systems include human oversight and appeal processes.

Data Retention and Deletion

We keep your data only as long as necessary:

Active Accounts: We retain your data while your account is active and you're using our services.

After Account Closure:

• Personal data: Deleted within 90 days unless legal retention required
• Financial records: Retained for tax and accounting purposes (typically 7 years)
• Legal claims: Data related to ongoing disputes retained until resolution
• Anonymized analytics: May be retained indefinitely after anonymization

Backup Systems: Data in backup systems is deleted according to our backup rotation schedule (typically within 1 year).

You can request deletion of your data at any time, subject to legal retention requirements. We'll confirm deletion within 30 days of completing the process.

We're not digital hoarders. When data outlives its purpose, it gets the boot. Clean storage, clear conscience.

Security Measures

We protect your data like it's our own (because legally, we're responsible for it):

Technical Safeguards:

• End-to-end encryption for data in transit (TLS 1.3)
• AES-256 encryption for data at rest
• Multi-factor authentication for account access
• Regular security audits and penetration testing
• Automated threat detection and monitoring

Organizational Measures:

• Employee privacy training and confidentiality agreements
• Role-based access controls and principle of least privilege
• Incident response procedures and breach notification protocols
• Regular privacy impact assessments for new features

Data Breach Response: If a breach occurs that poses risks to your rights and freedoms, we'll notify you and relevant authorities within 72 hours as required by law. We'll also provide clear information about what happened and what we're doing about it.

Security isn't just good practice—it's essential for trust. We take it seriously because your success depends on your data staying safe.

Children's Privacy

Our services are not intended for individuals under 16 years of age (or the local age of digital consent in your jurisdiction). We don't knowingly collect personal information from children. If we discover we've collected a child's information, we'll delete it immediately.

Parents or guardians who believe their child has provided information to us should contact [email protected] immediately.

Changes to This Privacy Policy

Privacy laws evolve, and so do our practices. We'll update this policy when necessary and notify you of material changes:

• Email notification for significant changes affecting your rights
• Banner notification on our website
• 30-day notice period before changes take effect (where legally required)

Continued use of our services after changes become effective constitutes acceptance of the updated policy. If you don't agree with changes, you can close your account before they take effect.