Re:LLMo
Sign Up

Privacy Policy

Our privacy policy and how we use your data

Last updated: March 22, 2026

1. Data Controller

The data controller is Effectix.com, s.r.o., Sokolovská 668/136d, Karlín, 186 00 Praha, Czech Republic, Company ID: 28512669, registered in the Commercial Register maintained by the Municipal Court in Prague, file number C 147031 ("we", "us" or "the Operator").

Contact: info@effectix.com

2. What Data We Collect

2.1 Account Registration Data

When you sign in using Google OAuth, we receive and store your:

  • Email address
  • Name
  • Profile picture URL

2.2 Google Search Console Data

If you connect your Google Search Console account, we access your search performance data using the webmasters.readonly scope (read-only). This includes:

  • Search performance metrics: keywords, clicks, impressions, CTR, and average position
  • Landing page URLs associated with keywords
  • List of your verified GSC properties

Your Google Search Console OAuth credentials (refresh tokens) are stored encrypted using AES-256-GCM encryption. We never store your Google password.

2.3 Payment Data

Payments are processed by Stripe. We do not store your credit card number or full payment details. We only store your Stripe customer identifier, subscription status, and billing period information.

2.4 Technical Data

We use essential cookies required for authentication and session management. We do not use any analytics, tracking, or marketing cookies.

3. Purpose and Legal Basis for Processing

PurposeLegal Basis (GDPR Art. 6)
Account creation and authenticationPerformance of contract (Art. 6(1)(b))
Providing the service (SEO analysis)Performance of contract (Art. 6(1)(b))
Processing paymentsPerformance of contract (Art. 6(1)(b))
Sending transactional emailsLegitimate interest (Art. 6(1)(f))

4. Google API Services Disclosure

Re:LLMo's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

  • Only use Google Search Console data to provide and improve the core functionality of the application (SEO analysis and AI Overview monitoring)
  • Do not sell Google user data to third parties
  • Do not use Google user data for advertising or retargeting purposes
  • Do not allow humans to read your Google user data unless required for security purposes, to comply with applicable law, or with your explicit consent

5. Data Sharing and Third Parties

We share your personal data only with the following third-party service providers:

  • Google — authentication and Search Console data access
  • Stripe — payment processing
  • Supabase — database and authentication infrastructure (EU-hosted)
  • Vercel — application hosting

We do not sell, rent, or trade your personal data to any third party.

6. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, all associated data (including GSC credentials, keywords, measurements, and analysis results) is permanently deleted from our systems.

Billing records may be retained for the period required by applicable tax and accounting legislation.

7. Your Rights

Under the GDPR and Czech Act No. 110/2019 Coll., you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Eraseyour data ("right to be forgotten") — you can delete your account at any time
  • Restrict processing
  • Data portability
  • Object to processing based on legitimate interest
  • Withdraw consent at any time (e.g., disconnect your Google Search Console)

To exercise these rights, contact us at info@effectix.com.

You also have the right to lodge a complaint with the Czech Office for Personal Data Protection (ÚOOÚ), Pplk. Sochora 27, 170 00 Praha 7, www.uoou.cz.

8. Data Security

We implement appropriate technical and organizational measures, including:

  • AES-256-GCM encryption for stored Google Search Console credentials
  • Row-Level Security (RLS) on the database to ensure data isolation between accounts
  • HTTPS encryption for all data in transit
  • Secure session management via Supabase Auth

9. International Data Transfers

Your data may be processed by service providers outside the European Economic Area (EEA), including Google (USA) and Stripe (USA). These transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the application.