Data Usage Policy
Last Updated: January 22, 2026
This Data Usage Policy (“Policy”) explains how SEO Flow collects, processes, stores, and uses data from website scans, reports, tools, accounts, and API interactions. By using the Service, you agree to this Policy.
1. Categories of Data We Collect
SEO Flow collects only the data required to operate scanning, reporting, project management, analytics, and API features.
A. Account Information
Name
Email address
Password (encrypted)
Subscription status
Billing metadata (not card details)
Saved projects & report history
We do not store payment card numbers—Stripe handles all billing.
B. Website Scan Data You Provide
When you enter a URL/domain:
We collect:
URL or domain submitted
HTML responses (publicly accessible)
Technical SEO metadata
Performance metrics
Header responses
Security indicators (HTTPS/SSL)
Resource loading data
Redirect paths
Structured data
Word count, content length, image count
Robots.txt visibility
Meta tags
We do not bypass authentication, firewalls, or restricted content.
All scans are performed only on publicly accessible information.
C. Lookup Tool Data
When using WHOIS, DNS, IP, or SSL tools, we process:
Public DNS records
Public WHOIS data
IP location metadata (approximate)
Reverse IP lookups
Redirect chain data
Certificate transparency logs
These are sources of publicly available information.
D. Automated Diagnostics Metadata
Our crawlers collect:
Response times
Status codes
Request success/failure metadata
Server types (where public)
File size and compression stats
JavaScript render-blocking details
Image optimization stats
Cache headers
This data is used to generate actionable SEO reports.
E. Public Report Data
SEO Flow may generate public reports using data that is already:
Publicly accessible
Publicly indexable
Publicly visible on the website
No private or user-only content is used in public reports.
Website owners may request modification or removal.
F. API Usage Data
For API-enabled Business/Enterprise customers:
We collect:
API request logs
Endpoint usage
Rate-limit behavior
API key identifiers
Error logs
Request timestamps
API logs are retained temporarily for security and performance monitoring.
G. Usage Analytics
To improve system reliability, we collect:
Tool usage patterns
Report generation frequency
Feature adoption
Clicks and navigation behavior
Crash/error logs
Browser and device type
IP region (not precise geolocation)
No personal browsing history is collected.
H. Billing Metadata
Stripe may provide us with:
Subscription status
Payment success/failure
Invoice metadata
We do not store credit card numbers or financial account details.
2. Data We Do NOT Collect
SEO Flow does NOT collect:
Login credentials or passwords for external websites
Private website content behind logins or paywalls
Precise geolocation
Sensitive personal data (health, biometrics, SSN, etc.)
Private emails or communications
Browser history
Metadata unrelated to SEO auditing
We do not scrape websites aggressively or bypass access restrictions.
3. How We Use Your Data
We use data to:
Generate technical SEO reports
Provide lookup, research, performance, and diagnostic tools
Analyze and improve platform reliability
Monitor usage limits and detect abuse
Save report history for your account
Support white-label and branded reports
Improve algorithms and scan accuracy
Detect unusual or malicious activity
Provide customer support
We do not sell your data or use it for advertising.
Public report data is used only for publicly visible websites.
4. Storage & Retention
We retain:
Account information → while account remains active
Reports you save → until deleted by you
API logs → 30–90 days
Temporary scan data → deleted after processing
Public reports → indefinitely unless removal is requested
Billing metadata → required by law (typically 7 years)
We minimize retention wherever possible.
5. Data Security
We use industry-standard protections, including:
HTTPS/TLS encryption
Encrypted password storage
Firewalls and server security layers
Secure API key management
Rate limiting and bot detection
Activity monitoring
Access controls for internal systems
No system is perfect, but we maintain strong safeguards.
6. Sharing of Data
Data is shared only with trusted processors required to operate the Service:
Stripe (billing)
Cloud hosting providers
Analytics and error monitoring services
Email communication tools
These partners may not use data for their own purposes.
We do not sell or rent your data.
7. Public Report Use
Some SEO summaries may be published publicly.
These use only publicly accessible data.
Website operators may request:
Correction
Removal
Review
Contact: info@seoflow.app
8. User Rights (GDPR, CCPA, Global Compliance)
You have the right to:
Access your personal data
Request data deletion
Request correction
Export your reports
Opt out of optional analytics
Request limitations on processing
Requests may be sent to info@seoflow.app
.
We verify identity before fulfilling requests.
9. Children’s Data
SEO Flow is not intended for children under 13.
We do not knowingly collect children’s personal information.
10. International Data Transfers
Your data may be processed in:
The United States
Data centers used by hosting providers
Countries where third-party processors operate
We maintain safeguards such as:
Standard Contractual Clauses
Data minimization
Security controls
11. Policy Updates
We may update this Policy as needed.
Changes take effect upon posting.
Continued use of the Service indicates acceptance.
12. Contact Information
For privacy or data usage questions:
Email: info@seoflow.app
Address:
Durant Digital LLC
30 N Gould St
#55338
Sheridan, WY 82801
USA