GDPR Compliance
General Data Protection Regulation
Our Commitment to GDPR
SEOMagicPRO is fully committed to compliance with the General Data Protection Regulation (GDPR). We respect your privacy rights and ensure that your personal data is processed lawfully, fairly, and transparently.
Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract Performance: To provide our services as agreed
- Legitimate Interest: To improve our services and prevent fraud
- Legal Obligation: To comply with applicable laws
- Consent: For marketing communications (where applicable)
Your GDPR Rights
Under GDPR, you have the following rights:
Right to Access
Request a copy of all personal data we hold about you.
Right to Rectification
Correct any inaccurate or incomplete personal data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Restriction
Limit how we process your personal data.
Right to Portability
Receive your data in a portable, machine-readable format.
Right to Object
Object to certain types of data processing.
How to Exercise Your Rights
To exercise any of your GDPR rights, please:
Email us at: support@seomagicpro.com
Subject line: "GDPR Request - [Your Right]"
Include: Your name, email address, and specific request
We will respond to your request within 30 days as required by GDPR.
Data Security Measures
We implement robust security measures to protect your data:
- Encryption: SSL/TLS for data in transit, AES-256 for data at rest
- Access Controls: Role-based access with 2FA authentication
- Regular Audits: Security assessments and penetration testing
- Data Minimization: We only collect data necessary for our services
- Secure Infrastructure: Fault-tolerant systems with regular backups
- Staff Training: Regular GDPR and security training for all staff
International Data Transfers
Your data is primarily stored and processed in the UK. If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Binding Corporate Rules
Data Retention
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of service + 30 days after cancellation |
| Transaction Records | 7 years (legal requirement) |
| Usage Logs | 90 days |
| Marketing Consent | Until consent is withdrawn |
| Demo User Data | 2 hours (demo duration) |
Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Inform affected individuals without undue delay
- Provide details of the breach and mitigation steps
- Take immediate action to contain and remedy the breach
Supervisory Authority
If you believe we have not handled your data in accordance with GDPR, you have the right to lodge a complaint with the supervisory authority:
Data Protection Officer
For any GDPR-related questions or concerns, you can contact our Data Protection Officer:
Email: admin@seomagicpro.com
Subject: "GDPR - Data Protection Officer"
More Information
For more details about how we handle your data, please see our Privacy Policy and Cookie Policy.