Privacy Policy
Last updated: July 2026
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
AGENTUR CLICK EOOD
ul. „Solunska“ 4, fl 4
1000 Sofia, Bulgaria
Email: hello@seoai.de
2. Hosting and server log files
We host our service with Hostinger International Ltd. The servers are located in a data center in Frankfurt am Main, Germany. This processing is based on our legitimate interest in a secure and stable provision of our service (Art. 6(1)(f) GDPR).
When you access our pages, the server automatically collects technical access data (server log files), such as IP address, date and time of access, the page accessed, the amount of data transferred, and the browser's user agent. This data is used for technical provisioning, security, and error analysis, and is stored only for a short period of time.
3. Registration and user account
To use our service, you can create a user account. In doing so, we process the data you provide: name, email address, and your password, which is stored exclusively as a cryptographic hash (not in plain text). We also use session information to manage logged-in sessions.
The legal basis is the performance of the usage agreement or the implementation of pre-contractual measures (Art. 6(1)(b) GDPR). Your account data will be deleted once you delete your account, unless statutory retention obligations require otherwise.
4. Cookies
We use exclusively technically necessary cookies, in particular a session cookie that is required to recognize you during a logged-in session. These cookies are strictly necessary for the operation of the service (§ 25(2) TDDDG); the associated processing is based on our legitimate interest in the functionality and security of the service (Art. 6(1)(f) GDPR).
A consent banner is not required, as we do not use any analytics, tracking, or marketing cookies, nor any comparable technologies.
5. Data backups
To protect against data loss, we create nightly, encrypted backups of our database. These are stored with Amazon Web Services (AWS) in the Frankfurt region (eu-central-1). The processor is Amazon Web Services EMEA SARL; a data processing agreement (Art. 28 GDPR) is in place with them. Backups are stored encrypted and automatically deleted after 30 days. The legal basis is our legitimate interest in data security (Art. 6(1)(f) GDPR).
6. Future services
Sign-in via Google (Google login) and payment processing via a payment service provider are not currently active. These features will only become relevant for data protection purposes once activated. Before introducing them, we will update this privacy policy with the relevant details (data processed, recipients, legal bases).
7. Disclosure of data
Your data is only disclosed to the processors named above (hosting, backups) under data processing agreements, or where we are legally required to do so. We do not sell data.
8. Your rights
Under the GDPR, you have the following rights: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection to processing (Art. 21). To exercise your rights, simply send a message to hello@seoai.de.
Where processing is based on consent, you may withdraw it at any time with effect for the future.
9. Right to lodge a complaint
You have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for the controller is the Bulgarian Commission for Personal Data Protection (Komisia za zashtita na lichnite danni, KZLD). You may also contact the supervisory authority of your habitual residence, in Germany for instance the data protection authority responsible for your state.
10. No automated decision-making
No automated decision-making, including profiling, within the meaning of Art. 22 GDPR takes place.
11. Changes
We adapt this privacy policy whenever data processing changes or new services are introduced. The version published here at any given time applies.