Privacy Policy
Last updated: February 22, 2026
This Privacy Policy explains how BESTLIVING MARBELLA S.L. ("we", "us", "our"), operating as Secret AI SEO, collects, uses, shares, and protects your personal data when you use our website and services at secretaiseo.com. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and applicable Spanish data protection laws.
1. Who We Are
The data controller responsible for your personal data is:
- Company: BESTLIVING MARBELLA S.L.
- CIF (Tax ID): B21851084
- Registered Address: Terrazas de Gualadmina, 29670 Marbella, Spain
- Email: info@secretaiseo.com
- Country of Registration: Spain
2. Data We Collect
We collect and process the following categories of personal data:
| Category | Details |
|---|---|
| Device Identifiers | Unique device identifiers (UUID) generated when you use our application |
| Account Information | Email address provided when you register for an account |
| Website Data | URLs you submit for SEO analysis and the resulting SEO analysis reports |
| Payment Information | Payment details processed securely by Stripe. We do not store full credit card numbers on our servers. |
| Cookies & Usage Data | Information about how you interact with our website, including IP addresses, browser type, pages visited, and session data |
3. How We Use Your Data
We use your personal data for the following purposes:
- Providing our services: To perform SEO analysis on submitted URLs, generate reports, and deliver SEO optimization widgets
- Processing payments: To handle subscriptions, one-time purchases, and billing through Stripe
- Service communications: To send transactional emails such as account confirmations, analysis completion notifications, and billing receipts
- Improving our services: To analyze usage patterns, diagnose technical issues, and enhance the quality and performance of our platform
- Outreach communications: With your consent, to send promotional updates, SEO tips, and product announcements. You may opt out at any time.
4. Legal Basis for Processing (GDPR Article 6)
We process your personal data based on the following legal grounds:
- Contract performance (Art. 6(1)(b)): Processing necessary to provide you with our SEO analysis services, manage your account, and fulfill subscription obligations
- Legitimate interest (Art. 6(1)(f)): Processing necessary for our legitimate business interests, such as improving our services, preventing fraud, and ensuring platform security — provided these interests are not overridden by your fundamental rights
- Consent (Art. 6(1)(a)): Where you have given explicit consent, such as for marketing communications and optional analytics cookies. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
- Legal obligation (Art. 6(1)(c)): Processing necessary to comply with legal requirements, including tax record keeping, fraud prevention, and responding to lawful requests from authorities
5. Cookies
We use cookies and similar technologies to operate and improve our services. The types of cookies we use include:
Essential Cookies
Required for the basic operation of our platform. These include session cookies that maintain your login state and ensure security. These cannot be disabled.
Analytics Cookies (Optional)
Help us understand how visitors interact with our website by collecting anonymous usage statistics. These are only set with your consent.
Preference Cookies
Store your preferences, such as your selected language, to provide a personalized experience.
For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.
6. Data Sharing
We share your personal data only with trusted third-party processors who assist us in delivering our services. We do not sell your personal data to anyone.
| Third Party | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment details, email, billing address |
| SendGrid | Email delivery | Email address, name |
| OpenAI | AI-powered SEO analysis | Website URLs and page content submitted for analysis (no personal identifiers) |
Each of these processors is bound by data processing agreements and processes data only on our instructions and in accordance with applicable data protection laws.
7. International Data Transfers
Some of our third-party processors (Stripe, SendGrid, OpenAI) are based in the United States. When personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Supplementary technical and organizational measures to protect your data
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
| Data Type | Retention Period |
|---|---|
| Account data | Retained while your account remains active and for 30 days after account deletion |
| SEO analysis data | Retained for 2 years from the date of analysis |
| Payment records | Retained for 6 years as required by Spanish tax and commercial law |
| Cookies & usage data | Retained for the duration specified in our Cookie Policy |
9. Your Rights Under GDPR
As a data subject, you have the following rights under the General Data Protection Regulation:
- Right of Access (Art. 15): Request a copy of the personal data we hold about you
- Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data
- Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations
- Right to Restriction (Art. 18): Request that we restrict the processing of your personal data in certain circumstances
- Right to Data Portability (Art. 20): Receive your personal data in a structured, commonly used, and machine-readable format
- Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes
- Right to Withdraw Consent (Art. 7(3)): Withdraw your consent at any time where processing is based on consent, without affecting the lawfulness of prior processing
- Right to Lodge a Complaint: File a complaint with the Agencia Española de Protección de Datos (AEPD), the Spanish Data Protection Authority, at www.aepd.es
10. How to Exercise Your Rights
You may exercise any of the rights described above by contacting us at:
- Email: info@secretaiseo.com
- Opt-out page: Manage your communication preferences
We will respond to your request within 30 days. We may request verification of your identity before processing your request. If we need additional time due to the complexity of your request, we will notify you within the initial 30-day period.
11. Data Security
We take the security of your personal data seriously and implement appropriate technical and organizational measures, including:
- SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols
- Secure Storage: Personal data is stored on secure, access-controlled servers with encryption at rest
- Access Controls: Access to personal data is limited to authorized personnel who need it to perform their duties, with role-based access controls and audit logging
- Regular Security Reviews: We periodically review and update our security practices to address emerging threats
12. Children's Privacy
Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without appropriate parental consent, we will take steps to delete that information promptly. If you believe we may have collected data from a child under 16, please contact us at info@secretaiseo.com.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify registered users via email
- Display a prominent notice on our website
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
- Company: BESTLIVING MARBELLA S.L.
- CIF: B21851084
- Address: Terrazas de Gualadmina, 29670 Marbella, Spain
- Email: info@secretaiseo.com
- Data Protection Contact: info@secretaiseo.com
For complaints, you may also contact the Spanish Data Protection Authority (AEPD) at www.aepd.es.