Privacy Policy
This Privacy Policy explains what personal data seoapp.ai (the "Service") collects, for what purpose and on what legal basis it processes it, and what rights you have. The data controller is Katarzyna Górecka, ul. Nowogrodzka 31, 00-511 Warszawa, NIP: 7412060624, contact: admin@seoapp.ai.
1. Data controller
The controller of your personal data is Katarzyna Górecka, ul. Nowogrodzka 31, 00-511 Warszawa, NIP: 7412060624.
For any data-related matters and to exercise your rights, contact admin@seoapp.ai.
2. Definitions
GDPR — Regulation (EU) 2016/679. Personal data — information about an identified or identifiable natural person. User — anyone using the Service. Controller — the entity in section 1.
3. Data we process
Account data: email address, name, password stored as an encrypted hash.
Project and content data: website addresses, keywords, briefs and content you provide, and articles generated on your request.
Integration data: access tokens for third-party services (e.g. Google Search Console) stored encrypted (see section 6).
Payment data: handled by an external payment provider — we do not store full card numbers.
Technical and usage data: IP address, device and browser type, event logs, usage metrics.
Correspondence and support chat: the content of messages you send us (including the on-site chat).
Waiting list / newsletter: an email address you provide voluntarily.
4. Purposes and legal bases
Providing the service and performing the contract — Art. 6(1)(b) GDPR.
Billing, security, service improvement and analytics — legitimate interest, Art. 6(1)(f) GDPR.
Newsletter, waiting list and optional marketing cookies — your consent, Art. 6(1)(a) GDPR (withdrawable anytime).
Tax and accounting obligations — Art. 6(1)(c) GDPR.
5. Cookies
We use cookies necessary for the Service to work (e.g. keeping you logged in) and — with your consent — analytics cookies.
You can change cookie settings in your browser at any time.
We self-host our fonts (Inter, Outfit, JetBrains Mono) on our own server — we do NOT use the Google Fonts CDN, so your IP address is not sent to Google for fonts.
6. Use of Google data (Google API Services User Data Policy)
When you connect your Google account (e.g. Google Search Console), we access selected data via Google OAuth — only within the scopes you consent to.
Our use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
Google Search Console data (e.g. queries, clicks, impressions, positions, site properties) is used solely to provide and improve the Service's SEO features for you.
We do not sell this data, do not use it for advertising and do not share it with third parties except as permitted by Google's policy (e.g. with your consent or where required by law).
You can revoke access at any time by disconnecting the integration in the Service or in your Google account security settings.
7. Recipients
We share data with trusted processors solely to deliver the Service:
hosting/infrastructure provider; payment processor (subscriptions and invoices); email / waiting-list provider (MailerLite); AI model providers that process the content of your requests (e.g. OpenAI); Telegram — for support chat handling; Google — for the Google Search Console integration.
We do not sell personal data.
8. International transfers
Some providers (e.g. AI services) may process data outside the European Economic Area. In such cases we apply appropriate safeguards, in particular Standard Contractual Clauses approved by the European Commission.
9. Retention
We keep account data for the duration of your use of the Service and as long as needed for billing and to establish or defend claims. After account deletion, data is erased or anonymised, except where retention is legally required (e.g. accounting).
10. Your rights
You have the right to access, rectify, erase, restrict and port your data, to object and to withdraw consent at any time.
You may also lodge a complaint with a data protection authority. To exercise your rights, write to admin@seoapp.ai.
11. Automated processing
We do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significantly affect you.
12. Security
We use technical and organisational measures to protect data, including encryption of sensitive data (such as integration tokens), access control and backups.
13. Children's data
The Service is not directed at persons under 16 and we do not knowingly collect their data.
14. Changes to this Policy
We may update this Policy. We will notify you of material changes in the Service or by email. The last-updated date is shown at the top.
15. Contact
For privacy matters write to admin@seoapp.ai.