Privacy Policy
Last updated: June 29, 2026
1. Who we are
seo-backlinks is operated by an EU-based entity. This Privacy Policy explains what data we collect, why, and what your rights are under the EU General Data Protection Regulation (GDPR) and similar privacy laws.
2. What we collect
When you create an account or use the Service we collect:
- Email address — for authentication and transactional emails.
- Password (hashed) — never stored or transmitted in plain text. We use argon2id.
- API key — randomly generated; you can rotate it.
- Query logs — the domains you check, with timestamps, to compute usage and show your history.
- Billing data via Stripe — payment method, name, billing address. We do not store credit-card numbers; Stripe handles all payment data per PCI-DSS Level 1.
3. What we do NOT collect
- We do not run trackers, pixels or third-party advertising scripts.
- We do not sell or share your email or query logs with third parties.
- We do not require KYC documents beyond email + password.
4. Legal basis
We process your data on the legal basis of (a) contract performance (delivering the Service you paid for) and (b) legitimate interest (preventing abuse, securing the platform). For marketing emails, we rely on opt-in consent, which you can withdraw at any time.
5. Storage and retention
Data is stored on EU servers (PostgreSQL on a dedicated VPS, Vercel for the frontend). We retain query logs for 90 days, then delete them. Account data is retained as long as your account is active; we delete it within 30 days of account deletion request.
6. Sub-processors
We rely on these third-party processors:
- Vercel — frontend hosting, edge requests.
- Stripe — payment processing.
- Resend (when enabled) — transactional emails (password reset, receipts).
- Common Crawl Foundation — source of the link graph data (no personal data exchanged).
7. Your rights
Under GDPR you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate data.
- Erase your account and associated data.
- Export your data in a portable format (JSON).
- Object to processing or withdraw consent.
- Lodge a complaint with a data protection authority.
To exercise any of these rights, email privacy@seo-backlinks.net.
8. Cookies
We use a single HTTPOnly cookie (session) to keep you logged in. No third-party tracking cookies. No cookie banner is shown because we don't track you across sites.
9. Security
All data is transmitted over HTTPS. Passwords use argon2id. Session tokens are random 32-byte values stored as HTTPOnly cookies. We never log API keys or passwords.
10. Changes
We will notify you by email and via the dashboard if this policy changes materially.
11. Contact
Email: privacy@seo-backlinks.net