← SEOcraftAITerms of Service

Privacy Policy

Last updated: April 3, 2026

This Privacy Policy explains how SEOcraftAI ("we", "us", "our") collects, uses, and protects information about you when you use our AI-powered SEO content generation platform and related services.

1. Information We Collect

  • Account information: Name and email address when you sign up via Google or email/password.
  • Site and content data: Website URLs, business descriptions, target audiences, keywords, article content, and scheduling data you create within the platform.
  • Integration credentials: API keys, webhook URLs, and authentication tokens you provide to connect third-party CMS platforms (WordPress, Shopify, Webflow, etc.). These are encrypted at rest.
  • Billing information: Subscription plan, credit balance, and transaction history. Payment processing is handled by Dodo Payments — we do not store raw card data.
  • Automatically collected: IP addresses, device type, browser, and usage patterns for security, abuse prevention, and service improvement.

2. How We Use Your Information

We use the information we collect to:

  • Deliver the SEOcraftAI service — generating content, managing your calendar, and publishing to connected platforms
  • Process payments and manage your subscription and credit balance
  • Send transactional emails (billing receipts, security alerts, usage notifications)
  • Detect and prevent abuse, fraud, and unauthorized access
  • Improve and debug the service using aggregated, anonymized usage data
  • Comply with legal obligations

We do not use your content to train AI models, and we do not sell your personal data to third parties.

3. AI Processing

When you use AI features, your prompts and business context are sent to Google Gemini (our AI provider) to generate content. This processing is governed by Google's terms and privacy policy. Do not submit secrets, sensitive personal data, or confidential information you are not permitted to share with third-party processors.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area:

  • Contract performance: Processing necessary to deliver the service you signed up for
  • Legitimate interests: Security monitoring, fraud prevention, and service improvement
  • Consent: Marketing communications (you may withdraw at any time)
  • Legal obligation: Retaining transaction records as required by applicable law

5. Information Sharing

We may share your data only in these circumstances:

  • Connected CMS platforms: Content and credentials are transmitted to platforms you have authorized (WordPress, Shopify, Webflow, custom webhooks)
  • AI provider: Google Gemini processes prompts to generate content
  • Payment processor: Dodo Payments processes billing transactions
  • Infrastructure providers: Cloud providers for hosting and database services, all under data processing agreements
  • Legal requirements: To comply with applicable laws, court orders, or government requests

We never sell, rent, or trade your personal data.

6. Data Retention

  • Account data: Until you delete your account, plus 30 days for recovery
  • Integration credentials: Deleted immediately upon disconnecting a platform or deleting your account
  • Article and keyword data: Until you delete it or close your account
  • Transaction and billing records: 6 years (legal/tax requirement)
  • Usage logs: 90 days rolling
  • Aggregated analytics: Up to 26 months in anonymized form

7. Data Security

We protect your data using:

  • TLS encryption for all data in transit
  • Encryption at rest for stored integration credentials and API keys
  • Access controls limiting who can access production systems
  • Regular security reviews

We will notify affected users promptly in the event of a confirmed data breach affecting personal data. No method of transmission or storage is 100% secure.

8. Your Rights

Depending on your location, you may have the right to:

  • Access: Request a copy of the data we hold about you
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (“right to be forgotten”)
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: For any processing based on consent

To exercise any of these rights, email privacy@seocraftai.com. We will respond within 30 days. EU/EEA residents may also lodge a complaint with their local data protection authority.

9. Cookies

  • Essential cookies: Required for authentication and session management. These cannot be disabled.
  • Analytics: Privacy-focused, anonymized analytics to understand how the service is used. No personal data is shared with advertising networks.

We do not use third-party advertising or tracking cookies.

10. Children's Privacy

SEOcraftAI is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. Contact privacy@seocraftai.com if you believe a minor has provided us with personal data.

11. International Data Transfers

Your data may be processed in countries where our infrastructure providers operate. Where required, we ensure appropriate safeguards are in place (such as standard contractual clauses) to protect your data during international transfers.

12. Third-Party Links

We are not responsible for the privacy practices of third-party websites or platforms linked from our service. Please read their privacy policies before providing any personal data.

13. Changes to This Policy

For material changes, we will notify you by email or via a prominent notice in the dashboard at least 30 days before the change takes effect. Continued use of SEOcraftAI after that date constitutes acceptance of the updated policy.

14. Contact

Privacy inquiries: privacy@seocraftai.com

General support: support@seocraftai.com

© 2026 SEOcraftAI. All rights reserved.