Privacy Policy
1. Who We Are
AiDoesSEO is operated by AI Solutions Ireland, a company incorporated in Dublin, Ireland ("we", "us", or "our"). We are the data controller for personal data processed through the AiDoesSEO platform.
For all privacy-related enquiries, including data subject requests, please contact us at info@aidoesseo.com.
2. What Data We Collect
We collect the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Account data | Name, email address, password (hashed) | You, at registration |
| Billing data | Subscription plan, billing history (card details are held by Stripe, not us) | Stripe payment processor |
| Website data | Domain(s), Google Search Console tokens, Google Analytics tokens | You, during onboarding |
| Usage data | Pages visited, features used, API calls, content generated | Automatically, during use |
| Technical data | IP address, browser type, device type, session identifiers | Automatically, during use |
| Session recordings | Mouse movements, clicks, scroll depth (anonymised by default) | Microsoft Clarity |
| Communications | Support messages sent via WhatsApp or email | You, when contacting us |
We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us immediately.
3. How We Use Your Data
We use your personal data to:
- Create and manage your account and provide the Service.
- Process payments and manage your subscription via Stripe.
- Connect to your Google Search Console and Analytics to generate SEO insights and reports.
- Generate and publish AI-driven content on your behalf as directed by you.
- Send transactional emails (account verification, password reset, content notifications).
- Analyse how users interact with the platform in order to improve usability and features.
- Comply with legal obligations and protect our legal interests.
We do not sell your personal data to third parties. We do not use your data for automated decision-making that produces legal or similarly significant effects.
4. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (EU) 2016/679, we rely on the following legal bases:
- Contract (Art. 6(1)(b)): Processing necessary to perform our contract with you — account management, service delivery, billing.
- Legitimate Interests (Art. 6(1)(f)): Product analytics, fraud prevention, and improving the Service, where not overridden by your rights.
- Legal Obligation (Art. 6(1)(c)): Compliance with tax, accounting, and other applicable Irish/EU law.
- Consent (Art. 6(1)(a)): Where we ask for your consent for optional processing (e.g. marketing communications), which you may withdraw at any time.
5. Third-Party Services
We share data with the following third parties only as necessary to provide the Service:
- Stripe Inc. — Payment processing. Stripe stores your card details and billing information under their own privacy policy (stripe.com/ie/privacy). Stripe is certified to the EU–US Data Privacy Framework.
- Microsoft Clarity — Session recording and heatmap analytics. Clarity collects anonymised behavioural data (mouse movements, clicks, scrolls) to help us understand how users interact with the platform. Microsoft's privacy policy is available at privacy.microsoft.com.
- Google LLC — We access your Google Search Console and Google Analytics data using OAuth tokens you explicitly grant. We do not share this data with any other party.
- Hostinger International Ltd. — Our web hosting provider. Your data is stored on servers within the EU.
6. Cookies
We use the following cookies:
| Cookie | Purpose | Type |
|---|---|---|
| Session cookie (PHP) | Keeps you logged in during your session | Essential |
| CSRF token | Protects against cross-site request forgery attacks | Essential |
| Stripe cookies | Fraud prevention and checkout flow | Functional |
| Microsoft Clarity | Session recordings and heatmaps for UX improvement | Analytics |
Essential and functional cookies are required for the Service to operate and cannot be disabled. Analytics cookies (Clarity) are set once you use the platform. If you wish to opt out of Clarity, you can do so via clarity.microsoft.com/optout.
7. Data Retention
We retain your personal data for as long as your account is active. Upon account deletion we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or tax compliance purposes (typically 7 years under Irish Revenue rules for financial records).
Usage logs and analytics data are retained for a maximum of 24 months.
8. Your Rights Under GDPR
As an EU/EEA resident you have the following rights in relation to your personal data:
- Right of access: Obtain a copy of your personal data.
- Right to rectification: Correct inaccurate or incomplete data.
- Right to erasure ("right to be forgotten"): Request deletion of your data in certain circumstances.
- Right to restriction: Ask us to restrict how we use your data.
- Right to data portability: Receive your data in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests or for direct marketing.
- Right to withdraw consent: Where processing is based on consent, withdraw it at any time.
To exercise any of these rights, email us at info@aidoesseo.com. We will respond within 30 days. You also have the right to lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).
9. International Data Transfers
Your data is primarily stored on servers within the EU (Hostinger). Where we share data with processors outside the EEA (e.g. Stripe in the USA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on an adequacy decision or certification scheme such as the EU–US Data Privacy Framework.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:
- HTTPS encryption for all data in transit.
- Passwords stored as bcrypt hashes (cost factor 12).
- CSRF tokens on all state-changing requests.
- Strict HTTP security headers (HSTS, X-Frame-Options, CSP).
- Access to production data restricted to authorised personnel only.
No method of transmission over the internet is 100% secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Data Protection Commission in accordance with GDPR requirements.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a notice in the platform. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes are posted constitutes your acceptance of the revised policy.
12. Contact
For any privacy-related questions, data subject requests, or concerns, please contact us at:
AI Solutions Ireland
Dublin, Ireland
Email: info@aidoesseo.com