Legal

Privacy Policy

Last updated: January 18, 2025

This Privacy Policy explains how AI Business Insight Pty Ltd (ABN 68 681 570 543), trading as SEO ANALYSER, handles your personal information in compliance with Australian Privacy Principles, GDPR, and US state privacy laws.

1. Who we are

AI Business Insight Pty Ltd (ABN 68 681 570 543), trading as SEO ANALYSER ("SEO ANALYSER", "we", "us", "our"), owns and operates the website https://seoanalyser.com.au and related SaaS products (collectively, the "Services").

Privacy enquiries: [email protected]

2. Scope of this Privacy Policy

This Policy explains how we handle "personal information" under:

The Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs);
GDPR/UK GDPR for users in the EEA and UK; and
US state laws such as the California Consumer Privacy Act (CCPA) and Nevada SB 220.

3. What we collect

Category	Examples	Collected from
Account Data	Name, email, business name, password hash	Account creation
Payment Data	Last-4 digits of card, expiry, billing postcode (via Stripe)	Checkout
Scan Data	URLs audited, audit results, settings, white-label logos	Audit runs
Usage & Device Data	IP address, cookie ID, browser type, OS, pages viewed	Cookies, pixels
Marketing Data	Newsletter preferences, ad IDs	Forms, emails, partners
Support Records	Chat logs, emails, bug reports	Support channels
Aggregated Statistics	De-identified audit trends	Derived internally

Free Visitor Audits

We set a first-party cookie and log IP addresses to enforce the "four-audits-per-domain-per-24-hours" limit. No other personal details are required.

4. How we collect information

We collect personal information:

Directly from you (forms, emails, support channels)
Automatically via cookies, pixels, and log files
Through integrated third-party services (e.g., Stripe, Google Analytics)
From publicly available sources (e.g., WHOIS, SERP data)

5. Why we use your information

Purpose	AU legal basis	GDPR basis
Provide, maintain & secure Services	APP 3, 6	Contract, Legitimate interests
Process payments & manage billing	APP 3	Contract
Enforce fair-use & prevent fraud	APP 6	Legitimate interests
Send service/marketing emails	APP 6/7	Consent (marketing), Legitimate interests (service)
Improve product & analytics	APP 6	Legitimate interests
Meet legal & tax obligations	APP 3, 6	Legal obligation

You may opt out of marketing emails anytime via the unsubscribe link.

6. Role as Processor vs Controller

Data Controller

For most activities, we act as the data controller (deciding purposes and means of processing).

Data Processor

When you upload Customer Content or run audits involving third-party personal data, we act as your data processor and handle that content strictly on your instructions, never for our own benefit.

7. Disclosure to third parties

Recipient	Purpose	Location
Stripe Payments	Payment processing, fraud prevention	AU, USA
OVH Australia	Cloud infrastructure	AU
Google LLC	Analytics and advertising services, APIs, and authentication	USA
AWS-SES	Transactional & marketing email	USA
Retention.com	Email retargeting	USA
Moz	Software Company	USA
Professional advisers	Accounting, legal services	AU
Government bodies	Compliance with applicable laws	As required

Important Notice

We do not sell personal information under CCPA/Nevada laws, nor do we use your data to develop or train general-purpose AI/ML models.

8. International transfers

If your data is transferred outside Australia, we rely on:

OVH Australia and Stripe's binding corporate rules or Standard Contractual Clauses (SCCs)
Contractual clauses ensuring privacy standards similar to APPs or GDPR

9. Cookies & online advertising

Cookie type	Purpose	Lifespan
Essential	Login sessions	24 hours
Audit-limit	Enforcing audit quotas	24 hours
Analytics	Traffic analysis (GA4, GSC)	2 years
Retargeting	Showing targeted ads (Retention.com)	Up to 1 year

You can block cookies in your browser, although some website features might be impacted.

10. Data retention & deletion

Data set	Retention
Free-tier audit data	3 days
Pro Plan audits	Life of account + 90 days
Payment records	7 years (for tax purposes)
Support logs	5 years
Backup archives	Rolling 30–90 days

Early data-deletion requests will be honoured unless legal obligations require otherwise.

11. Security

We implement industry-standard security measures including:

TLS 1.3
AES-256 encryption at rest
Multi-factor authentication (MFA)
Role-based access controls

Regular security testing
24×7 monitoring
Incident response procedures
Employee security training

Important: While we strive for robust security, no internet transmission is 100% secure.

12. Your rights

Region	Key rights
Australia	Access and correction (APP 12-13)
EEA/UK	Access, rectify, erase, restrict, portability, object, withdraw consent
California	Access, delete, correct, opt-out of "sale/sharing", limit sensitive PI
Nevada	Opt-out of data "sale" (we do not sell)

To exercise your rights, email [email protected]. We respond to all valid requests within 30 days (Australia) or one calendar month (EU/UK GDPR).

13. Children's Privacy

Age Restriction

Our services are not intended for users under the age of 18. We do not knowingly collect personal information from minors. If we learn that we've collected personal data from a minor, we will promptly delete it.

If you believe a minor's data has been collected, contact us immediately at [email protected].

14. Complaints

For any privacy concerns or complaints, please email [email protected].

If unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or your local data protection authority.

15. Changes to this Policy

We may update this Privacy Policy periodically. Any material changes will be communicated via email (for registered users) or site notification at least 30 days before taking effect. Regularly reviewing this Policy is recommended.

16. Contact

To request to review, update, or delete your personal data, please contact us. To ask questions or comment about this privacy Policy and our privacy and data protection practices, contact us via:

[email protected]

Legal Disclaimer

This Privacy Policy is designed to comply with applicable privacy laws including the Australian Privacy Principles (APPs), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

Note: This privacy policy is for informational purposes and should not be considered as legal advice. For specific legal questions, please consult with a qualified attorney.