Privacy Policy

Last updated: June 3, 2026

1. Controller

GOLDENWING Creative Studios e.U.
Owner: Mag. Deni Khachukaev
Czeikestraße 4/21, 1100 Vienna, Austria
Email: privacy@seowing.io · full details in the Imprint.

This policy covers three areas: the seowing.io website, your account and billing (app.seowing.io / api.seowing.io), and the SEOWing plugin that runs on your own WordPress site.

2. Data We Process

  • Website: standard server logs (IP address, browser type, timestamp, requested page) for security and operation. No advertising or cross-site trackers.
  • Account: when you register, we store your email address, a securely hashed password and, optionally, your name.
  • Billing: plan, subscription status, renewal/expiry dates, invoice amounts and your Stripe customer and subscription identifiers. Card data is handled by Stripe, not by us (see section 4).
  • License & updates: when the plugin validates your license or checks for updates, our server receives your license key, the domain(s) where the plugin is active, the plugin/WordPress/PHP version and the update channel.
  • Policy enforcement: the plugin may send your site domain and a suspected industry category to our server so we can enforce our prohibited-industry policy (see the Terms). No page content is transmitted for this.
  • Contact: if you email us (sales, support or legal), we process the information you send in order to respond.

We do not sell your data and do not use it for advertising.

3. Legal Bases (GDPR Art. 6)

  • Contract, Art. 6(1)(b): account, license, billing and support, to provide the service you purchased.
  • Legal obligation, Art. 6(1)(c): retention of invoices and accounting records under Austrian law.
  • Legitimate interest, Art. 6(1)(f): security, server logs, fraud and abuse prevention, and enforcing our prohibited-industry policy.

4. Payments (Stripe)

Payments are processed by Stripe Payments Europe, Ltd. (Ireland) and affiliated Stripe entities. When you subscribe, Stripe processes your name, email, billing address, VAT ID (if provided) and payment details. We receive from Stripe only what we need to manage your subscription (status, amounts, identifiers), never your full card number. Stripe may transfer data outside the EU under EU Standard Contractual Clauses. See Stripe's privacy policy at stripe.com/privacy. Legal basis: performance of the contract.

5. Cookies & Local Storage

The website uses no advertising or analytics cookies. The account portal stores a single login token in your browser's local storage so you stay signed in; it is essential for the portal to function and is not used for tracking. Stripe's checkout and customer portal may set their own cookies that are necessary for payment security.

6. The Plugin Runs on Your Site

SEOWing runs inside your own WordPress installation. Your SEO data, content, settings and analysis results stay in your WordPress database on your own hosting. We have no access to them.

7. Optional Integrations (Your Own Keys)

  • In-admin AI assistant: optional. It uses your own OpenAI, Anthropic or Gemini API key, stored encrypted in your WordPress. When you use it, your prompts and the relevant site content are sent to the AI provider you chose, governed by that provider's terms. We do not receive that data.
  • Other integrations (for example SEMrush) likewise use your own API keys and are subject to the respective provider's policy.

8. MCP Access

The plugin can expose its tools over the Model Context Protocol, secured by a per-site token that you control. That traffic flows between your WordPress site and your own MCP client. We do not see or store it.

9. Storage & Retention

  • Account & license records: kept for the life of your account and license.
  • Invoices & accounting data: kept for 7 years as required by Austrian tax law.
  • Server logs: kept for a limited period, then deleted.
  • Emails: kept as long as needed to handle your request.

10. Processors & Hosting

We host the website and the account/license server on infrastructure located within the EU, under data processing agreements. Payment processing is handled by Stripe (section 4). Each processor receives only the data needed for its task.

11. Your Rights (GDPR)

  • Right to access your data
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these, contact privacy@seowing.io. You also have the right to lodge a complaint with a supervisory authority, in Austria the Datenschutzbehörde (dsb.gv.at).

12. Changes

We may update this policy. Changes will be posted on this page with an updated date.

13. Contact

Email: privacy@seowing.io
Operator: GOLDENWING Creative Studios e.U., Vienna, Austria (see Imprint)
Website: https://seowing.io