Privacy Policy

We take the protection of your personal data seriously. This policy explains in detail what we collect and how we use it, in compliance with the GDPR and Italian privacy law.

Last updated: May 2025

1. Data controller

The data controller is SEOTrafficBoost, headquartered at Via Guglielmo II, 11, 71037 Monte Sant'Angelo (FG), Italy. For any privacy-related matter, contact us at: privacy@seotrafficboost.com.

2. Personal data we collect

We collect the following categories of personal data, depending on how you interact with our website:

Data you provide directly:

  • First and last name, when you use the contact form, checkout, or custom package builder.
  • Email address, required for project communications, billing, and administrative updates.
  • Phone number, if voluntarily provided in the contact form or required during the purchase process.
  • Country of residence, collected during checkout to determine the applicable currency and tax obligations.
  • Company name and business sector, if voluntarily provided in the contact form.
  • Service details requested, package options selected, chosen add-ons, and support hours indicated in the package builder.

Data collected automatically from browsing:

  • IP address, recorded in server logs for security reasons and to prevent unauthorised access.
  • Browser type and operating system, collected to ensure site compatibility across major devices.
  • Pages visited, time spent, and navigation path within the site, collected via analytics cookies (where consent has been given).
  • Date and time of visits, used for aggregate traffic analysis.
  • Referral URL, to understand from which source traffic to the site originates.

Payment-related data:

Payment card data and sensitive financial information are never collected directly by us. Payment is processed entirely by Stripe Inc., a PCI-DSS Level 1 certified platform. We receive from Stripe only a payment confirmation, the transaction identifier, and basic customer data (name, email, country).

3. Purposes and legal basis for processing

We process your personal data for the following purposes, each with its own legal basis:

  • Contract performance: Processing service orders, project communications, issuing invoices and delivery documents. Legal basis: Art. 6(1)(b) GDPR.
  • Legitimate interest: Responding to contact form enquiries, website security, fraud prevention. Legal basis: Art. 6(1)(f) GDPR.
  • Legal obligation: Retention of accounting and tax data as required by Italian law (Presidential Decree 600/1973). Legal basis: Art. 6(1)(c) GDPR.
  • Consent: Analytics cookies and marketing communications (only where you have given explicit consent). Legal basis: Art. 6(1)(a) GDPR. You may withdraw consent at any time.

4. Data sharing and transfer

We do not sell, rent, or transfer your personal data to third parties for marketing purposes. We share data exclusively with the following parties, limited to what is strictly necessary:

  • Stripe Inc. (USA): payment processing platform. Stripe is PCI-DSS certified and adheres to the EU-USA Data Privacy Framework. Stripe privacy policy: https://stripe.com/privacy
  • Hosting provider: Our web hosting provider has access to server logs for technical and security reasons. The contract with the provider includes adequate GDPR-compliant data protection clauses.
  • Competent authorities: Where required by law, court orders, or for crime prevention and detection, we may be required to provide data to Italian tax authorities, law enforcement, or other public bodies.

Should we in future make use of additional service providers requiring access to your data, we will update this policy and, where required, seek your consent.

5. Data transfers outside the EU

Stripe Inc. is a company headquartered in the United States. The transfer of your data to Stripe occurs in compliance with GDPR safeguards, specifically through Stripe's adherence to the EU-USA Data Privacy Framework, approved by the European Commission with an adequacy decision on 10 July 2023. You can verify Stripe's certification at: https://www.dataprivacyframework.gov/

6. Data retention period

Your personal data is retained for the following periods:

  • Order data and tax documents: 10 years from the transaction date, as required by Italian tax law (Presidential Decrees 600/1973 and 633/1972).
  • Contact enquiry data: 2 years from the date of last contact, unless you request earlier deletion.
  • Server logs (including IP address): 90 days from the date of recording, unless otherwise needed for active security investigations.
  • Analytics cookies: varies by cookie type. See our Cookie Policy for details.
  • Email communications exchanged in the context of projects: 3 years from project completion.

At the end of the stated retention periods, data is securely deleted or permanently anonymised.

7. Your rights under GDPR

Under EU Regulation 2016/679 (GDPR) and the Italian Privacy Code (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018), you have the following rights:

  • Right of access (Art. 15 GDPR): You can request a copy of your personal data held by us and information about its processing.
  • Right of rectification (Art. 16 GDPR): You can request correction of inaccurate or incomplete personal data.
  • Right to erasure (Art. 17 GDPR): You can request the deletion of your personal data, within the limits provided by law (for example, we cannot delete data we are legally obliged to retain).
  • Right to restriction of processing (Art. 18 GDPR): You can request that we restrict the processing of your data in certain circumstances.
  • Right to data portability (Art. 20 GDPR): You can request to receive the data you provided to us in a structured, machine-readable format, and to transfer it to another controller.
  • Right to object (Art. 21 GDPR): You can object to the processing of your data on grounds of legitimate interest at any time.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time without prejudice to the lawfulness of processing carried out before withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali), reachable at www.garanteprivacy.it.

To exercise any right, send a written request to privacy@seotrafficboost.com. We will respond within 30 days. In cases of particular complexity, this period may be extended by a further 60 days, with prior notice.

8. Data security

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, disclosure, accidental modification, or destruction. These measures include:

  • HTTPS/TLS connection for all web communications.
  • System access limited to authorised personnel with multi-factor authentication.
  • Regular data backups with limited and controlled access.
  • API keys and access credentials are stored securely and not included in public source code.
  • Payment data is handled exclusively by Stripe and never passes through our systems in sensitive form.

9. Cookies

Our site uses technically essential cookies for site functionality and optional analytics cookies for traffic understanding. For full details on cookies used, their purposes, and how to manage your preferences, see our Cookie Policy.

10. Minors

Our website and services are not intended for persons under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided personal data to SEOTrafficBoost, contact us immediately at privacy@seotrafficboost.com.

11. Changes to this policy

We reserve the right to periodically update this Privacy Policy to reflect changes to our data processing practices, applicable regulations, or technologies used. The date of the last modification is indicated at the beginning of the document. For substantial changes affecting your rights, we will notify you by email or through a prominent notice on the site.

12. Privacy contacts

SEOTrafficBoost
Via Guglielmo II, 11, 71037 Monte Sant'Angelo (FG), Italia
Email privacy: privacy@seotrafficboost.com
Tel: +39 331 635 3409
Response within 30 days.