Privacy Policy

This policy explains what data Black & Gold SEO (“we,” “us”) collects, what we do with it, and the rights you have over it. We're operated by Taylor Family Software LLC, a US-registered business. If anything here is unclear, email [email protected] and we'll fix it.

What we collect

Account data (you give us)

• Email & name when you register, so we can sign you in and send transactional messages (receipts, password resets).
• Project domainsyou add (e.g. your own site's URL) so we know which site to audit.
• Payment detailshandled by Stripe — we never see or store your card number. We only retain Stripe's customer and subscription IDs.

Usage data (we observe)

• Site-embed pings— when you install our snippet on your site, it sends us the page URL, title, meta description, and a DOM snapshot so we can queue on-page SEO fixes. We do not collect your visitors' personal data.
• Product analytics — aggregate counts of runs, fixes queued, and error logs. No IP-level tracking, no third-party fingerprinting.
• Server logs — Cloudflare (our hosting provider) stores short-lived request logs for security.

Third parties we share with

We use a minimal set of processors. Each is contractually bound to data-processing terms:

• Cloudflare— hosting, CDN, KV & R2 storage, Workers runtime. Data stays in Cloudflare's global network.
• Stripe — payments. They collect card data directly via their checkout and customer portal; we only receive event webhooks (subscription created, updated, deleted).
• OpenRouter + Anthropic + Google — AI inference for audits, content generation, and page optimization. Only the content needed for a given request is sent; no account identifiers beyond project metadata.
• Resend — transactional email (receipts, outreach sends you explicitly trigger). Email content you compose (outreach pitches, etc.) is sent through Resend to the addresses you target.
• Google OAuth / Microsoft OAuth— only when you connect a mailbox for outreach. Scopes are limited to send & read on your behalf, and you can revoke anytime from your Google or Microsoft account settings.

We never sell your data. We never share it with advertisers. We don't build profiles on you to monetize elsewhere.

Your rights

Regardless of where you're located, you can:

• Access — email us and we'll send everything we have on you.
• Correct or update — edit your profile in the dashboard, or email us.
• Delete— email us and we'll permanently remove your account and associated data within 7 days, except where we're legally required to retain records (e.g. Stripe billing records for tax purposes).
• Export— we'll send you a JSON dump of your projects, runs, and fixes on request.
• Opt out of marketing — every transactional email has a working unsubscribe link. Marketing emails (if any) go to a separate opt-in list you explicitly joined.

Cookies & tracking

See our Cookie Policy for the full list. TL;DR: we use a session cookie to keep you logged in and nothing else for tracking purposes.

Data retention

• Account data: until you delete your account, then 7 days.
• Sweep / audit / perfection runs & fixes: until you delete the associated project, or 90 days after account deletion.
• Billing records: 7 years (US tax compliance).
• Server logs: 30 days.

Security

All traffic to blackandgoldseo.com and api.blackandgoldseo.com is TLS-encrypted. Passwords are hashed with a strong salt (never stored in plaintext). JWTs expire and are signed with a secret we rotate. Access to the production database is restricted to Taylor Family Software LLC personnel.

Changes to this policy

If we update this policy materially, we'll email registered users and show an in-app banner. Minor wording changes get the updated date above without notification.

Contact

Privacy questions, deletion requests, or data-export requests go to [email protected]. For billing-specific questions, email [email protected].

Postal: Taylor Family Software LLC (available on request for legal correspondence — email for our mailing address).