LEGAL // PRIVACY_POLICY

Privacy Policy

Last updated: June 2026  ·  Effective immediately

Overview

CipherSEO takes privacy seriously. This policy explains what data we collect, why we collect it, and what we do with it. The short version: we collect the minimum needed to run scans and deliver reports, we don't sell anything to anyone, and we don't want your data any more than you want us to have it.

What we collect

When you use the free scan, we process the URL you submit and the public content of that page. When you purchase the fix report, our payment provider collects your email address and payment details.

  • URLs you submit — and the publicly visible content of those pages (text, structure, screenshots), which we process to generate your report
  • Scan results — scores and generated reports, cached so your results stay consistent and re-scans work
  • Email address — collected at checkout by Lemon Squeezy for paid report delivery, or if you explicitly ask us to email you a report
  • Payment information — processed entirely by Lemon Squeezy; we never see or store card details
  • An anonymous cookie — a random ID that tracks free-scan usage (see Cookies below)
  • IP address — used transiently for rate limiting and abuse prevention
  • Anonymous usage analytics — page views and scan completions, in aggregate

We do not collect names, phone numbers, addresses, or anything else we don't need. There are no accounts, so there are no passwords to leak.

How we use your data

  • To run your scan and generate your report — the entire point of the product
  • To deliver paid reports and provide your permanent report URL
  • To enforce the free-scan limit and protect the service from abuse
  • To improve scoring quality, using aggregated and anonymized scan data
  • To respond when you contact support

We do not sell your data, share it with advertisers, or use your email for marketing you didn't ask for. If we ever launch a newsletter, it will be opt-in, with a working unsubscribe link.

Third-party services

CipherSEO uses the following third-party services to operate. Page content you submit is shared with them only to the extent needed to produce your report:

  • Anthropic — AI analysis of scanned copy
  • Google PageSpeed Insights — performance scoring
  • Serper — live search results and competitor data
  • Jina AI — page content extraction
  • ScreenshotOne — visual screenshot capture
  • Lemon Squeezy — payment processing (merchant of record); their privacy policy governs checkout data
  • Cloudflare — DNS, CDN, and bot protection (Turnstile)

Each provider receives only what it needs: the AI sees page text, the screenshot service sees the URL, the payment provider sees the payment. Nobody gets the whole picture except us, and we barely want it.

Data retention

  • Scan caches are retained to keep results consistent and power re-scans; they refresh automatically when your page content changes
  • Paid report URLs are permanent by design — that's a feature you paid for. Want one deleted? Email us and it's gone
  • The freemium cookie expires after 1 year
  • IP-based rate-limit records are short-lived and roll over daily

Your rights

Depending on where you live (GDPR in the EU/UK, CCPA in California, and similar laws elsewhere), you may have the right to access, correct, delete, or export the personal data we hold about you, and to object to or restrict certain processing.

In practice, since we hold almost nothing: email [email protected] and we'll show you what exists, delete it, or hand it over — usually within a few days, not the statutory thirty. We will never discriminate against you for exercising a privacy right.

Cookies

CipherSEO sets exactly one cookie: an anonymous random ID (httpOnly, 1-year expiry) that tracks whether your free scan has been used and links your paid report to your browser. It contains no personal information and tracks you across exactly zero other websites.

There are no advertising cookies, no cross-site trackers, and no 47-toggle consent banner — because we didn't put anything in your browser worth a banner. Cloudflare's bot protection may set its own functional cookie during the security check; that one belongs to Cloudflare.

Changes to this policy

If we change this policy, we'll update the date at the top. If we ever change it in a way that matters — new data collected, new ways it's used — we'll say so plainly rather than burying it in clause 14(b)(iii).

Contact

Privacy questions, data requests, or anything else: [email protected] — or use the help page. A human (the only one here) reads everything.