GDPR & Data Protection Notice
This notice summarises how we process personal data under the GDPR, the categories of data involved, the legal bases we rely on, and the rights available to data subjects in the EEA and UK context where applicable.
1
We process personal data to provide the service, secure accounts, manage billing, and meet legal obligations.
2
Our main legal bases are contract performance, legitimate interests, and legal obligations.
3
You can exercise GDPR rights by contacting us and we will respond within the legally required timeframe.
Scope and controller
SeoAuto.ai acts as the controller for personal data processed in connection with the website, account registration, dashboard usage, support communications, and billing operations.
This notice applies to personal data processed under applicable European data protection standards, including the GDPR where relevant.
Categories of data and purposes
| Category | Purpose |
|---|---|
| Identity and account data | Account creation, login, support, account security |
| Billing and transaction data | Payments, invoices, tax and accounting records |
| Usage and content data | Page generation, dashboard features, service delivery |
| Technical and security data | Fraud prevention, performance monitoring, incident response |
| Support and communication data | Responding to requests, operational follow-up, dispute handling |
Legal bases for processing
- Performance of a contract: to create your account, provide features, and process purchases.
- Legitimate interests: to secure the service, prevent abuse, investigate incidents, and improve reliability.
- Legal obligation: to meet tax, accounting, compliance, and lawful disclosure requirements.
- Consent: where a specific optional processing activity requires consent under applicable law.
International transfers and processors
We may use service providers located in multiple jurisdictions. Where personal data is transferred internationally, we use appropriate contractual or legal safeguards when required.
Processors may include hosting, communications, support, analytics, payment, and infrastructure providers acting under contractual instructions.
Retention periods
We retain data for as long as needed to provide the service, maintain lawful business records, resolve disputes, and meet security or compliance obligations.
When deletion is requested and no lawful retention need remains, we remove or anonymise data within a reasonable operational period.
Your GDPR rights
- Right of access to personal data we hold about you.
- Right to rectification of inaccurate or incomplete data.
- Right to erasure where continued retention is not legally required.
- Right to restriction of processing in certain circumstances.
- Right to data portability where applicable.
- Right to object to certain processing based on legitimate interests.
- Right to lodge a complaint with a competent supervisory authority.
How to exercise your rights
To make a GDPR-related request, contact info@yunsoft.com from the email address linked to your account and describe the request clearly.
We may ask for additional verification where needed to protect account security and respond within the legally applicable timeframe.