Privacy Policy
Last updated: September, 30. 2025
This Privacy Policy explains how SEO ELITE AWARDS (“we”, “us”, “our”) collects, uses, discloses and protects information when you visit seoeliteawards.com (the “Site”) or use our related products or services, including nominations, judging and rankings (collectively, the “Services”).
1. Information We Collect
| Category | Examples | Legal basis (GDPR/UK-GDPR) |
|---|---|---|
| Account Data | Name, company, role, email, username, password hash | Art. 6(1)(b) – contract performance |
| Nomination Data | Case studies, campaign metrics, client references, logos, judge feedback | Art. 6(1)(b); Art. 6(1)(f) – legitimate interest (run awards, verify entries) |
| Payment Data | Transaction IDs, last-4 of card, billing address (processed by Stripe or similar) | Art. 6(1)(b); compliance with legal obligations |
| Usage Data | IP, device/browser, time zone, pages viewed, referrers, feature clicks, support transcripts | Art. 6(1)(f) – legitimate interest (security, service improvement) |
| Cookie / Device Data | Session cookies, analytics IDs (e.g., GA4), consent preferences | Art. 6(1)(a) – consent (where required) |
We do not intentionally collect special categories of personal data (e.g., health, political opinions).
2. How We Use Information
- Service delivery & account administration (sites, nominations, judging, rankings).
- Analytics & product optimisation (aggregated/pseudonymised where possible).
- Security & fraud prevention (rate-limiting, abuse detection, anti-spam).
- Customer support & incident response.
- Marketing communications with your opt-in; unsubscribe anytime.
We rely on contract performance, legitimate interest, legal obligation, and—where applicable—your consent.
3. When We Share Data
- Service providers: hosting/CDN, analytics, email/SMS, payment processors—under DPAs.
- Legal compliance: to satisfy lawful requests (e.g., subpoenas, court orders).
- Business transfers: in a merger, acquisition or asset sale (users will be notified).
We never sell personal data.
4. International Transfers
Primary servers: [EU]. When data moves outside the EEA, we rely on EU Standard Contractual Clauses (SCCs).
5. Security
- TLS 1.3 in transit; AES-256 at rest (where supported by providers).
- Role-based access control (RBAC) & MFA for staff.
- Quarterly penetration testing and 24/7 intrusion monitoring.
No internet transmission is 100% secure, but we apply industry-standard safeguards.
6. Data Retention
- Account data: while the account is active + 6 months.
- Billing records: 7 years (tax/regulatory).
- Analytics logs: 18 months, then aggregated or deleted.
- Nominations & judging records: for the awards cycle and archival integrity ([X] years), unless removal is lawfully requested.
7. Your Rights
| Right | How to exercise |
|---|---|
| Access & portability | Request via dashboard or email [email protected] |
| Rectification | Update in Settings → Profile or email us |
| Erasure | Email subject “Data Deletion” to [email protected] |
| Restrict/object | Adjust cookie consents; use unsubscribe/opt-out links |
| Complaint | Contact your supervisory authority (EU/UK) |
California: we honour CCPA/CPRA rights (access, deletion, opt-out of “sale/share”—we do not sell personal information).
8. Cookies
See our Cookie Policy for categories, purposes and controls. The banner enables granular consent.
9. Children
Our Services are not directed to children under 16. If a minor has provided personal data, contact us for deletion.
10. Changes to This Policy
Material changes will be announced via a banner on the Site and/or email to your primary contact. The “Last updated” date reflects the current version.
11. Contact
Email: [email protected]
Address: [Registered Address]