Privacy policy
Privacy Policy
SerpGoblin turns your Search Console and Analytics signals into a ranked SEO work queue. This policy explains what data we collect, why we use it, and the controls available to account owners.
What We Collect
We collect account information such as your email address, authentication details, and workspace settings. When you connect Google Search Console or Google Analytics, we store the authorization details needed to keep that connection working.
We also process the project URLs, Search Console properties, Analytics properties, query and page metrics, generated recommendations, brief drafts, notes, and status changes you create or ask SerpGoblin to create.
Like most web applications, we may process technical information such as IP address, browser type, request metadata, timestamps, error logs, and security events.
How We Use Data
We use your data to authenticate users, operate the application, connect to authorized Google properties, rank SEO opportunities, generate briefs, measure outcomes, maintain security, fix bugs, and communicate product or account updates.
Generated recommendations are based on the search and analytics data you authorize us to process. You remain responsible for reviewing recommendations before publishing, changing, or deleting content on your own sites.
Google API Data
SerpGoblin only accesses Google data after an account owner completes the OAuth flow. We use Google Search Console and Google Analytics data to show connected properties, identify SEO issues, prepare briefs, and measure whether shipped work improved search performance.
OAuth access tokens and refresh tokens are encrypted at rest. You can disconnect Google integrations from the app, and you may also revoke access from your Google Account.
SerpGoblin's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy , including the Limited Use requirements.
Sharing
We do not sell your personal information or Google user data. We may share limited data with service providers that help us host, secure, monitor, deliver, and improve the service. Those providers may only process data for the purposes needed to provide the service to you.
We may disclose information when required by law, to protect the service, to investigate abuse, or as part of a merger, acquisition, financing, or sale of assets.
Retention And Controls
We keep account, project, integration, recommendation, and measurement data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and maintain security.
Account owners can update account settings, disconnect Google integrations, delete project records where the product allows it, or request that the operator of this SerpGoblin deployment help with access, correction, export, or deletion requests.
Security
We use technical and organizational safeguards designed to protect data in transit and at rest, including encrypted OAuth tokens, secure browser sessions, access controls, and operational monitoring.
No system is perfectly secure. If you believe your account or connected data has been compromised, contact the SerpGoblin operator for your workspace promptly.