This Privacy Policy explains how PirateSERP (“we,” “us,” “our”) collects, uses, discloses, and protects personal information when you access or use our website and software-as-a-service platform (the “Service”).

1. Information We Collect

1.1 Information You Provide

• Account information (name, email address, organization name, login credentials).
• Support communications and any information you include in tickets or messages.
• Billing-related details (billing name, address if provided, payment status and transaction metadata).

1.2 Information Collected Automatically

• Device and browser information, IP address, approximate location derived from IP.
• Usage data (pages viewed, features used, timestamps, error logs).
• Cookies and similar technologies (see our Cookie Policy).

2. How We Use Information

• Provide, operate, and maintain the Service.
• Authenticate users and secure accounts (including two-factor authentication where enabled).
• Process payments, subscriptions, refunds, and chargeback responses.
• Monitor performance, prevent fraud/abuse, and enforce our Terms.
• Communicate about service updates, security notices, and support responses.

3. Legal Bases (GDPR)

Where GDPR applies, we process personal data based on one or more of: performance of a contract, legitimate interests (security, fraud prevention, product improvement), compliance with legal obligations, and consent (e.g., marketing where required).

4. Sharing and Disclosure

We may share information with service providers that help us run the Service (e.g., infrastructure, analytics, email delivery, payment processing). We may also disclose information to comply with law, protect rights and safety, and respond to lawful requests.

5. Payments

Payments are processed by third-party processors (e.g., Stripe). We do not store full payment card numbers on our servers. Payment providers may process your information under their own policies.

6. Data Retention

We retain personal information as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary based on the type of data and legal requirements.

7. Security

We use reasonable administrative, technical, and physical safeguards to protect information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Your Rights

8.1 GDPR Rights

• Access, correction, deletion, restriction, objection, and portability (as applicable).
• Lodge a complaint with a supervisory authority.

8.2 California Rights (CCPA/CPRA)

• Right to know, delete, correct, and opt out of certain disclosures as applicable under law.
• We do not sell personal information as that term is defined under the CCPA.
• We do not discriminate for exercising privacy rights.

9. International Transfers

If you access the Service from outside the United States, your information may be transferred to and processed in the United States or other jurisdictions. Where required, we use lawful transfer mechanisms (such as Standard Contractual Clauses).

10. Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this policy from time to time. The “Last Updated” date reflects the effective date of the latest version.