Privacy Policy

Last updated: February 19, 2026

AIO MySEO ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your choices regarding your data.

1. Information We Collect

Account Information

When you create an account, we collect your email address, a password (stored hashed, never in plain text), and the domain names of websites you register with the Service.

Page Content (Widget)

When the AIO MySEO widget loads on your website, it reads publicly visible page content — including headings, paragraphs, and Open Graph metadata — and sends this to our AI service to generate teasers. This content is processed in real-time and is not permanently stored beyond short-term caching.

Usage Data

We track aggregate usage metrics per account: daily teaser load counts, number of registered sites, and API request volumes. These are used for plan enforcement and service monitoring.

What We Do NOT Collect

  • No cookies on your visitors' browsers
  • No tracking pixels or analytics scripts
  • No personal information about your site visitors (no IP addresses, no device fingerprints, no browsing history)
  • No form data, login credentials, or private content from your site

2. How We Use Your Information

  • Account management: To authenticate you, manage your subscription, and provide customer support
  • Teaser generation: To process page content through our AI service and return relevant teasers
  • Service improvement: To monitor performance, fix bugs, and improve the Service
  • Communications: To send account-related notifications (billing, security, Terms changes). We do not send marketing emails without your consent.

3. Data Sharing

We do not sell, trade, or rent your personal information. We may share data with:

  • AI service providers: Page content is sent to our AI provider (currently OpenAI) for teaser generation. This content is processed per their data usage policies and is not used to train models.
  • Infrastructure providers: Our hosting (DigitalOcean) and DNS (Cloudflare) providers process requests as part of normal service delivery.
  • Payment processors: If you subscribe to a paid plan, billing information is handled by Stripe. We do not store credit card numbers.
  • Legal requirements: We may disclose information if required by law, regulation, or legal process.

4. Data Security

We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, encrypted API keys at rest, JWT-based authentication, and rate limiting. While no system is completely secure, we take reasonable steps to protect your data.

5. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account closure.
  • Page content: Processed in real-time. Cached teasers may be retained for up to 24 hours for performance.
  • Usage logs: Aggregate usage data retained for up to 90 days for billing and analytics.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate information in your account
  • Delete your account and associated data
  • Export your account data
  • Object to or restrict certain data processing

To exercise these rights, contact us at [email protected].

7. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

8. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the US, your information may be transferred to and processed in the US, subject to US data protection laws.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on our website. The "Last updated" date at the top reflects the most recent revision.

10. Contact

Questions about this Privacy Policy? Contact us at [email protected].