PRIVACY PROTOCOL
Your operational security is our priority. Here's exactly how we handle your data.
TL;DR - QUICK BRIEF
- →We collect only essential data needed to provide our services
- →Your data is encrypted in transit and at rest
- →We never sell your data to third parties
- →You can request data deletion at any time
DATA COLLECTION
Account Information
When you create an account, we collect your email address and authentication credentials. This data is essential for providing our services and securing your account.
Analysis Data
When you analyze a website, we temporarily process the target URL and its publicly accessible content. Analysis results are stored in your account for your reference.
Payment Information
Payment processing is handled entirely by Stripe. We do not store or have access to your full credit card details. We only receive confirmation of successful transactions.
Usage Analytics
We collect anonymized usage data to improve our services. This includes pages visited, features used, and general interaction patterns. No personally identifiable information is included.
HOW WE USE YOUR DATA
Service Provision
Your data is primarily used to provide the SEO analysis services you request. This includes processing website scans, generating reports, and maintaining your analysis history.
Service Improvement
Anonymized, aggregated data helps us improve our analysis algorithms and user experience. Individual user data is never used for this purpose.
Communication
We may use your email to send important service updates, security alerts, and (with your consent) marketing communications. You can opt out of marketing emails at any time.
DATA PROTECTION
Encryption
All data transmitted to and from our servers is encrypted using TLS 1.3. Data at rest is encrypted using AES-256 encryption standards.
Access Control
Access to user data is strictly limited to authorized personnel who require it for service operation. All access is logged and audited.
Infrastructure Security
Our infrastructure is hosted on enterprise-grade cloud platforms with SOC 2 Type II compliance. We employ multiple layers of security including firewalls, intrusion detection, and regular security audits.
DATA RETENTION
Account Data
Your account data is retained for as long as your account remains active. Upon account deletion, personal data is permanently removed within 30 days.
Analysis History
Website analysis reports are retained in your account until you choose to delete them or close your account.
Logs and Analytics
Server logs are retained for 90 days for security and debugging purposes. Anonymized analytics data may be retained indefinitely.
YOUR RIGHTS
Access & Portability
You have the right to request a copy of all personal data we hold about you. Contact us to receive an export of your data in a machine-readable format.
Rectification
If any of your personal data is inaccurate, you have the right to request correction. Most data can be updated directly in your account settings.
Erasure
You can request deletion of your personal data at any time. Note that this will result in permanent loss of your analysis history and account access.
Objection
You can object to specific processing activities, particularly marketing communications. We will comply with your objection unless we have compelling legitimate grounds.
THIRD-PARTY SERVICES
Payment Processing
Stripe handles all payment processing. Their privacy policy governs the handling of your payment information: stripe.com/privacy
Authentication
We use Supabase for authentication services. User credentials are securely managed according to industry best practices.
Analytics
We may use third-party analytics services to understand usage patterns. These services receive only anonymized data.
QUESTIONS OR CONCERNS?
For any privacy-related inquiries, data requests, or concerns, contact our Data Protection Officer.
privacy@killseo.com