SEOAI

Privacy Policy

Last updated: July 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

AGENTUR CLICK EOOD
ul. „Solunska“ 4, fl 4
1000 Sofia, Bulgaria
Email: hello@seoai.de

2. Hosting and server log files

We host our service with Hostinger International Ltd. The servers are located in a data center in Frankfurt am Main, Germany. This processing is based on our legitimate interest in a secure and stable provision of our service (Art. 6(1)(f) GDPR).

When you access our pages, the server automatically collects technical access data (server log files), such as IP address, date and time of access, the page accessed, the amount of data transferred, and the browser's user agent. This data is used for technical provisioning, security, and error analysis, and is stored only for a short period of time.

3. Registration and user account

To use our service, you can create a user account. In doing so, we process the data you provide: name, email address, and your password, which is stored exclusively as a cryptographic hash (not in plain text). We also use session information to manage logged-in sessions.

The legal basis is the performance of the usage agreement or the implementation of pre-contractual measures (Art. 6(1)(b) GDPR). Your account data will be deleted once you delete your account, unless statutory retention obligations require otherwise.

4. Cookies

We use exclusively technically necessary cookies, in particular a session cookie that is required to recognize you during a logged-in session. These cookies are strictly necessary for the operation of the service (§ 25(2) TDDDG); the associated processing is based on our legitimate interest in the functionality and security of the service (Art. 6(1)(f) GDPR).

A consent banner is not required, as we do not use any analytics, tracking, or marketing cookies, nor any comparable technologies.

5. Data backups

To protect against data loss, we create nightly, encrypted backups of our database. These are stored with Amazon Web Services (AWS) in the Frankfurt region (eu-central-1). The processor is Amazon Web Services EMEA SARL; a data processing agreement (Art. 28 GDPR) is in place with them. Backups are stored encrypted and automatically deleted after 30 days. The legal basis is our legitimate interest in data security (Art. 6(1)(f) GDPR).

6. Future services

Sign-in via Google (Google login) and payment processing via a payment service provider are not currently active. These features will only become relevant for data protection purposes once activated. Before introducing them, we will update this privacy policy with the relevant details (data processed, recipients, legal bases).

7. Disclosure of data

Your data is only disclosed to the processors named above (hosting, backups) under data processing agreements, or where we are legally required to do so. We do not sell data.

8. Your rights

Under the GDPR, you have the following rights: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and objection to processing (Art. 21). To exercise your rights, simply send a message to hello@seoai.de.

Where processing is based on consent, you may withdraw it at any time with effect for the future.

9. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for the controller is the Bulgarian Commission for Personal Data Protection (Komisia za zashtita na lichnite danni, KZLD). You may also contact the supervisory authority of your habitual residence, in Germany for instance the data protection authority responsible for your state.

10. No automated decision-making

No automated decision-making, including profiling, within the meaning of Art. 22 GDPR takes place.

11. Changes

We adapt this privacy policy whenever data processing changes or new services are introduced. The version published here at any given time applies.