Book a Strategy Call
Legal

Privacy Policy

Your privacy matters. This policy explains how we collect, use, and protect your information.

Last Updated: December 12, 2025Effective Date: December 12, 2025

Our Commitment to Your Privacy

SEO Hermit ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information when you use our website at seohermit.com and our consulting services.

Overview

This Privacy Policy applies to all information collected through our website, services, and any related communications. By using our services, you agree to the collection and use of information in accordance with this policy.

We process personal data in compliance with applicable privacy laws, including the California Consumer Privacy Act (CCPA/CPRA), the General Data Protection Regulation (GDPR), and other applicable state and international privacy regulations.

Information We Collect

Information You Provide Directly

We collect information you voluntarily provide when you:

  • Complete contact forms or request consultations
  • Schedule meetings through our booking system (Calendly)
  • Subscribe to our newsletter or marketing communications
  • Engage with us via email, phone, or other communication channels
  • Enter into a service agreement with us

This information may include:

  • Contact Information: Name, email address, phone number, company name, job title
  • Business Information: Website URL, industry, company size, SEO goals
  • Communication Records: Messages, inquiries, and correspondence
  • Payment Information: Billing address, payment method details (processed securely by third-party payment processors)

Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

  • Device Information: Browser type, operating system, device type
  • Usage Data: Pages visited, time spent on pages, click patterns, scroll depth
  • Network Information: IP address, approximate geographic location
  • Referral Data: How you arrived at our site, referring URLs

Information From Third Parties

We may receive information about you from third-party sources, including:

  • Analytics providers (Google Analytics)
  • Marketing platforms
  • Public databases and directories
  • Business partners and referral sources

How We Use Your Information

We use the information we collect for the following purposes:

Service Delivery

To provide SEO consulting services, respond to inquiries, schedule consultations, and fulfill our contractual obligations.

Communication

To send service-related communications, respond to your requests, and provide customer support.

Marketing

With your consent, to send newsletters, promotional materials, and information about our services.

Analytics & Improvement

To analyze website usage, improve our services, and optimize user experience.

Legal Compliance

To comply with legal obligations, resolve disputes, and enforce our agreements.

Security

To detect, prevent, and address technical issues, fraud, and security threats.

Information Sharing

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

Service Providers

We engage trusted third-party companies to perform services on our behalf, such as hosting, analytics, email delivery, and payment processing. These providers are contractually obligated to protect your information and use it only for the services they provide to us.

Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or when we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing
  • Protect the personal safety of users or the public

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have regarding your information.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our website.

Types of Cookies We Use

Cookie TypePurposeDuration
EssentialRequired for basic website functionality and securitySession
AnalyticsHelp us understand how visitors interact with our website (Google Analytics)Up to 2 years
FunctionalRemember your preferences and settings1 year
MarketingTrack effectiveness of our marketing campaignsVaries

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Note that disabling cookies may affect the functionality of our website.

Global Privacy Control

We honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we will treat it as a valid opt-out request for the sale or sharing of your personal information under applicable laws.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

Data CategoryRetention PeriodJustification
Contact form submissions3 yearsBusiness relationship management
Client project data7 years after project completionLegal and tax compliance
Marketing communicationsUntil opt-out + 30 daysConsent management
Analytics data26 monthsWebsite improvement
Payment records7 yearsTax and legal requirements

After the retention period expires, we securely delete or anonymize your data in accordance with our data disposal procedures.

Data Security

We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

  • Encryption: Data transmitted to and from our website is encrypted using TLS/SSL technology
  • Access Controls: Strict access controls limit who can view personal information
  • Secure Infrastructure: Our hosting providers maintain SOC 2 compliant data centers
  • Regular Audits: We conduct periodic security assessments and updates

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information, subject to legal exceptions
  • Portability: Request your data in a portable, machine-readable format
  • Opt-Out: Opt out of marketing communications at any time
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within the timeframe required by applicable law (typically 30-45 days).

California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information.

Your CCPA/CPRA Rights

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, with certain exceptions
  • Right to Correct: You can request correction of inaccurate personal information
  • Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information
  • Right to Limit: You can limit the use and disclosure of sensitive personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Do Not Sell or Share My Personal Information

SEO Hermit does not sell your personal information in exchange for monetary consideration. We may share information with third-party analytics and advertising partners, which may constitute "sharing" under CCPA/CPRA definitions. To opt out, please contact us or use your browser's Global Privacy Control setting.

Submit a CCPA Request

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).

Legal Basis for Processing

Under GDPR Articles 13-14, we are required to inform you of the lawful basis for processing your personal data. The table below outlines which legal basis applies to each processing activity:

Processing ActivityLawful Basis
Providing SEO consulting servicesContract: Necessary to perform our contractual obligations
Responding to inquiries and consultationsContract/Legitimate Interest: Pre-contractual steps at your request
Sending marketing newslettersConsent: Only with your explicit opt-in consent
Website analytics (Google Analytics)Legitimate Interest: Understanding website usage to improve services
Payment processing and invoicingContract: Necessary for billing and service delivery
Tax and financial record keepingLegal Obligation: Required by tax and accounting laws
Security and fraud preventionLegitimate Interest: Protecting our systems and users
Scheduling meetings (Calendly)Contract: Facilitating service delivery at your request

Where we rely on legitimate interests, we have conducted a balancing test to ensure our interests do not override your rights and freedoms. You have the right to object to processing based on legitimate interests at any time.

International Data Transfers

Your information may be transferred to and processed in the United States, where our servers and operations are located. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission.

Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

Third-Party Services

We use the following third-party services that may collect and process data according to their own privacy policies:

Analytics & Performance

  • Google Analytics
  • Google Search Console

Hosting & Infrastructure

  • Replit
  • Cloudflare

Scheduling & Communication

  • Calendly
  • Email service providers

Fonts & Design

  • Google Fonts

Each third-party service operates under its own privacy policy. We encourage you to review their privacy practices before providing information to them.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Post a notice on our website
  • Notify registered users via email for significant changes

We encourage you to review this policy regularly to stay informed about how we protect your information. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SEO Hermit
Keith Anderson, Data Controller
7373 E Doubletree Ranch Rd #200
Scottsdale, AZ 85258

Email: [email protected]
Phone: (888) 803-0843

For privacy-related requests, we will respond within 30 days (or sooner as required by applicable law). Please include sufficient information to verify your identity and specify the nature of your request.