Privacy Policy

Data Controller

ilumi SEO, operating in the United Kingdom and Europes. For all data protection questions or to exercise your rights, contact us at [email protected].

1. What We Collect & Why

We do not collect any personal information when you browse our site. The only data we process is:

Email address you provide during checkout or via the audit form — used solely to send your access link, audit results, or service help.
Anonymous usage data via Google Analytics 4 (no IPs or other personal identifiers are logged).

Lawful basis: • Article 6(1)(b) GDPR — necessary to perform the service (deliver your audit).
• Article 6(1)(f) GDPR — our legitimate interest to send you audit links and reminders, balanced against your privacy.

2. Cookies & Analytics

We use Google Analytics 4 to collect anonymous usage statistics. IP anonymization is built in, and no personal data is stored by us.

You can choose to accept or reject analytics cookies via the banner shown on your first visit. No tracking scripts are loaded unless you accept.

For more on Google’s practices, see Google Privacy Policy.

3. Third-Party Services & International Transfers

We engage these processors:

Stripe Inc. (USA) — payments. Transfers covered by EU/UK Standard Contractual Clauses. Stripe Privacy & SCCs
Brevo (France/USA) — transactional emails - confirmation of your payment. Transfers covered by EU/UK Standard Contractual Clauses. Brevo Privacy & SCCs
Google Ireland Ltd. (EU) — analytics. Google Privacy & SCCs

4. Data Storage & Retention

We retain your email and any inspection data for up to 90 days.

Stored securely on our cloud servers to display your audit results. Used only for audit delivery, reminders, billing, or dispute resolution. Permanently erased after 90 days using industry-standard secure deletion. We will send you an email reminder before it happens so you can export your audit data if you haven't done so.

Your unique result link expires after 90 days. You remain responsible for keeping it safe.

5. Your Rights

You have the following rights under GDPR and UK GDPR:

To exercise these rights, contact us at [email protected].

6. Children’s Privacy

Our service is not intended for individuals under 16 in the EEA or under 13 in the UK. We do not knowingly collect data from minors below these ages. If you believe we have done so, contact us to have it deleted immediately.

7. Audit Results & Liability

By requesting an audit, you confirm you are the owner or authorized representative of the domain scanned. The results reflect only publicly accessible performance information.

Exported or shared audit data leaves our system — you alone are responsible for its security once you share it. We do not track or guarantee third-party handling of those results.

8. Consulting Sessions

We collect your email and any details you voluntarily share to schedule and conduct video-call sessions. No recordings or screenshots are allowed unless explicitly agreed in advance. All consulting data is deleted after the session unless legal retention is required.

For SEM strategy sessions, any temporary access you grant to analytics tools is revoked and deleted immediately after the call.

9. Changes to This Policy

We may update this policy occasionally. Significant changes will be posted here with a new effective date and version. Continued use after changes means you accept the updated policy.

10. Protecting Our Team’s Privacy

We respect and protect our personnel’s privacy. No personal details of our team members are shared outside the company.

Contact

If you have any questions about this policy or your data, please contact us at: [email protected]