Free SEO Audit
Legal

Privacy Policy

Last updated:22 May 2026

Privacy Policy Terms of Use
In plain English

This site collects very little data. The only personal information I receive directly is what you send me through a contact or audit form, or by email. The site also uses Google Analytics to understand how visitors find and use it.

I don't run email marketing sequences, I don't share data with third parties for advertising, and I don't sell anything you give me. If you want me to delete the information you've sent, email hello@zainseo.com and I will.

The full version is below.

1. Who I am

This website (zainseo.com) is run by Zain Rafique, a freelance SEO and WordPress consultant based in London, United Kingdom, trading as ZainSEO.

I act as the data controller for any personal information collected through this site.

To contact me about anything in this policy, email hello@zainseo.com.

2. What information I collect

I collect personal information in three situations:

(a) When you contact me directly

If you fill in a form on this site — for example the free SEO audit form, or a contact form — or send me an email, I collect:

  • Your name
  • Your email address
  • Your website URL (if you provide it)
  • Any message or context you choose to include

(b) When you visit the site

The site uses Google Analytics 4, which collects anonymous information about your visit, including:

  • Approximate location (country / region level, not your address)
  • Device type and browser
  • Pages visited and time on page
  • How you found the site (search, direct, referral)

Google Analytics uses cookies to do this. You can opt out at any time using a browser extension like Google's official opt-out.

(c) Technical logs

My hosting provider (Hostinger) keeps server logs for security and diagnostics, including IP addresses. These are kept for a limited period by the host and are not used by me directly.

3. Why I collect it, and the lawful basis

Under UK GDPR I need a lawful basis to process your personal data. Here's what applies:

What Why Lawful basis
Contact / audit form data To reply, deliver the audit, or quote a project Legitimate interest / Contract
Google Analytics data Traffic understanding, content improvement Consent
Server logs Security and abuse prevention Legitimate interest

I do not use your data for automated decision-making or profiling.

4. How long I keep it

  • Form / email enquiries that don't lead to work: up to 12 months, then deleted. If you ask me to delete sooner, I will.
  • Client records (once we've worked together): 7 years after the work ends, because UK tax and accounting rules require it.
  • Google Analytics: retained for 14 months, then automatically deleted by Google.
  • Server logs: retained by my hosting provider per their policy.

5. Who I share it with

I share personal information only with services I need to actually run the business:

  • Google (Google Analytics, Gmail if I reply to you from a Gmail account)
  • Hostinger (website hosting)
  • My SEO plugin (Yoast SEO or Rank Math — these don't transmit personal data off-site, but may generate analytics using cookies)

I do not sell, rent, or share your information with advertisers, marketing companies, or data brokers.

If we work together, I may also use a payment processor (e.g. Stripe, Wise, or bank transfer) and an accounting tool for invoicing. They handle their own data under their own privacy policies.

If any of these change materially, I'll update this policy.

6. International transfers

Some of the services above (Google, Stripe) are based in the United States. Where personal data is transferred outside the UK, it's protected by appropriate safeguards — typically the UK International Data Transfer Agreement or the EU-US Data Privacy Framework.

7. Your rights

Under UK GDPR you have the right to:

  • Access the personal information I hold about you
  • Correct any information that's wrong
  • Delete your information ("right to be forgotten")
  • Restrict or object to how I process it
  • Receive a copy of your information in a portable format
  • Withdraw consent at any time (where I rely on consent)

To exercise any of these, email hello@zainseo.com. I'll respond within 30 days, usually much sooner.

You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk if you're unhappy with how I've handled your data.

8. Cookies

This site uses a small number of cookies:

  • Essential cookies — needed for the site to work (e.g. WordPress session cookies if you log in, which only applies to me)
  • Analytics cookies — Google Analytics, used to understand traffic patterns
  • No advertising or tracking cookies are used by me

A cookie banner on the site lets you accept or reject non-essential cookies. You can also clear or block cookies through your browser settings at any time.

9. Security

I take reasonable care to protect personal information:

  • The site runs on HTTPS (encrypted connection)
  • WordPress, plugins, and themes are kept updated
  • Backups are stored off-site
  • Access to client data is limited to me

That said, no online service can promise perfect security. If I ever become aware of a data breach affecting your information, I'll notify you and the ICO as required by law.

10. Children

This site is not intended for anyone under 16, and I do not knowingly collect data from children. If you believe a child has sent me information, email hello@zainseo.com and I'll delete it.

11. Changes to this policy

If this policy changes, I'll update the "Last updated" date at the top. Material changes (the kind that actually affect how your data is handled) will be highlighted on the site for at least 30 days.

12. Contact

For anything in this policy:

Questions about this policy?

Email hello@zainseo.com
Site zainseo.com
Based in London, UK