SEOBot.dk ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our SEO analysis platform.

We are based in Denmark and comply with the EU General Data Protection Regulation (GDPR).

Account Data: When you sign in with Google OAuth, we collect your name, email address, and profile picture. Authentication is securely managed by Supabase and no passwords are stored by us.

Website Data: URLs you submit for scanning, SEO scan results, score history, and competitor URLs.

API Key Data: If you use our developer API, we store a hashed version of your API key (never the plaintext key), your key name, agency name, creation date, and usage counters. The full key is only shown once at creation and cannot be retrieved afterwards.

Usage Data: Anonymous analytics including pages visited, features used, and session duration — collected only with your explicit consent.

Technical Data: IP address, browser type, and device information for security and rate limiting purposes.

• Provide SEO scanning, analysis, and competitor comparison services
• Send daily SEO reports and alerts (when enabled by you)
• Improve our platform and user experience
• Prevent abuse and enforce API rate limits
• Communicate important service updates
• Surface relevant compliance information (e.g. EU NIS2 Directive) based on scanned page content

We do not sell, rent, or trade your personal data to third parties. We only share data with the following trusted sub-processors:

• Google OAuth / Supabase — for authentication and session management
• Google Analytics (GA4) — for anonymous usage analytics (only with your consent via our cookie banner)
• Brevo (Sendinblue) — for sending transactional email reports
• LemonSqueezy — for payment processing on paid plans. They handle all billing data under their own privacy policy
• OpenRouter — page content from URLs you scan is sent to OpenRouter's API for AI-powered SEO analysis. No personal account data is shared. See openrouter.ai/privacy

When you scan a URL, the page's publicly accessible text and metadata are sent to an AI provider (OpenRouter) to generate SEO insights and recommendations. This content is not linked to your personal identity and is not used to train AI models.

Our scanner may detect content related to cybersecurity or regulatory compliance (such as the EU NIS2 Directive) and surface relevant recommendations. No additional personal data is collected for this purpose.

We use essential cookies for authentication and session management. Optional analytics cookies (Google Analytics GA4) are only set with your explicit consent via our cookie banner.

You can change your cookie preferences at any time by clearing your browser cookies or revisiting the cookie banner.

Account data is retained as long as your account is active. Scan results are retained for 90 days. API key records (stored as hashed values only) are retained until you revoke them. You can request deletion of all your data at any time by contacting us.

Under GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your data ("right to be forgotten")
• Export your data in a portable format
• Object to processing of your data
• Withdraw consent at any time

To exercise any of these rights, use the contact form below or email us directly.

For privacy inquiries or to exercise your GDPR rights, use the form below: