This Privacy Policy explains how Strabella LLC d/b/a SEOVIA (“Seovia,” “we,” “us,” or “our”) collects, uses, stores, and protects your information when you use our platform at seovia.org and related services (the “Service”). By using the Service, you consent to the practices described in this policy.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Full name
- Email address
- Password (stored in hashed form)
- Company or business name (if provided)
- Website URL
1.2 OAuth and Third-Party Data
When you connect third-party accounts, we may receive:
- Google: Name, email, profile picture, Analytics data, Search Console data, Google Business Profile data
- Facebook: Name, email, profile picture
- Microsoft: Name, email, profile picture
- Reddit: Username, access tokens for posting on your behalf
- Shopify: Store information, product data, site content
1.3 Usage Data
We automatically collect information about how you interact with the Service, including:
- Pages visited and features used
- Actions taken (audits run, content generated, keywords tracked)
- Device information (browser type, operating system, screen resolution)
- IP address and approximate geographic location
- Referring URLs and session duration
1.4 Content Data
We process content you create or provide through the Service, including website data submitted for audits, AI-generated content, keyword lists, and business information used for local SEO.
2. How We Use Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, maintain, and operate the Service, including running SEO audits, generating content, tracking keywords, and managing automations.
- AI Processing: To power AI features, including sending relevant data to AI providers (such as Anthropic's Claude) for content generation and analysis. We send only the minimum data necessary for each request.
- Analytics and Improvement: To understand how the Service is used, identify bugs, optimize performance, and develop new features.
- Communication: To send transactional emails (account confirmations, billing receipts, security alerts), product updates, and, with your consent, marketing communications.
- Security: To detect, prevent, and respond to fraud, abuse, and security incidents.
- Legal Compliance: To comply with applicable laws, regulations, and legal requests.
3. Third-Party Services
We use the following categories of third-party services to operate the platform:
| Service | Purpose | Data Shared |
|---|---|---|
| Anthropic (Claude AI) | AI content generation and analysis | Prompts, website content, keywords |
| DataForSEO | Keyword data, SERP data, backlink analysis | Domain names, keywords |
| Google APIs | Analytics, Search Console, OAuth | OAuth tokens, analytics queries |
| Payment Processor | Subscription billing | Payment details (handled by processor) |
| OAuth Providers | Social login (Google, Facebook, Microsoft) | Authentication tokens |
Each third-party service is governed by its own privacy policy. We encourage you to review those policies. We do not sell your personal information to third parties.
4. Data Storage & Security
We implement industry-standard security measures to protect your data:
- Database: Your data is stored in PostgreSQL databases hosted on secure, managed infrastructure with automated backups.
- Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
- Encryption at Rest: Sensitive data, including passwords and OAuth tokens, is encrypted at rest using industry-standard encryption algorithms.
- Access Controls: Access to production data is restricted to authorized personnel only, with role-based access controls and audit logging.
- Monitoring: We employ continuous monitoring and alerting to detect and respond to potential security incidents.
While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
5. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete personal data.
- Deletion: Request deletion of your personal data, subject to our legal obligations and legitimate interests.
- Export: Request a portable copy of your data in a commonly used, machine-readable format.
- Opt-Out: Opt out of marketing communications at any time by clicking the unsubscribe link in any email or updating your notification preferences in account settings.
- Restriction: Request that we restrict processing of your personal data under certain circumstances.
- Objection: Object to processing of your personal data where we rely on legitimate interests as the legal basis.
To exercise any of these rights, please contact us at support@seovia.org. We will respond to verified requests within 30 days.
7. Data Retention
We retain your personal data for the following periods:
- Active Accounts: We retain your data for as long as your account remains active and as needed to provide the Service.
- After Termination: Upon account termination, you have a 30-day window to export your data. After this period, we will delete or anonymize your personal data within 90 days, except where retention is required by law or for legitimate business purposes (e.g., billing records, dispute resolution).
- Aggregated Data: We may retain anonymized, aggregated data indefinitely for analytics and service improvement purposes. This data cannot be used to identify you.
- Legal Obligations: We may retain certain data as required by applicable tax, accounting, or other legal obligations.
8. International Users
Seovia is operated from the United States. If you access the Service from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate.
European Economic Area (EEA) and United Kingdom Users: If you are located in the EEA or UK, we process your personal data in compliance with the General Data Protection Regulation (GDPR) and UK GDPR. Our legal bases for processing include:
- Contract Performance: Processing necessary to provide the Service you have subscribed to.
- Legitimate Interests: Processing for analytics, security, and service improvement, balanced against your rights and interests.
- Consent: Where required, we obtain your explicit consent before processing (e.g., marketing communications, analytics cookies).
For cross-border data transfers, we rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards as required by applicable law.
9. Children
The Service is not directed to and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe a child under 18 has provided us with personal information, please contact us at support@seovia.org.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the “Last Updated” date at the top of this page.
- Notify you via email or through a prominent notice within the Service.
Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the revised policy. We encourage you to review this page periodically.
11. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
For GDPR-related inquiries, you may also contact the supervisory authority in your jurisdiction.
