Privacy Policy

Introduction

This Privacy Policy explains how O2 Digital SEO Agency (“we”,”us”) processes personal data in connection with O2 Digital SEO Agency.

Controller & Contact

  • Controller: O2 Digital SEO Agency
  • Address: S6, Infirmary Road, Sheffield, South Yorkshire, S6 3DH, United Kingdom
  • Contact: office@seo2agency.com · 07965195128

Data We Process

  • Functional data necessary to deliver the site (server logs, security telemetry, session identifiers, fraud prevention).
  • Account/transactional data if you create an account, purchase, or contact us.
  • Analytics data (page views, events, approximate location, device information) if enabled and lawful.
  • Marketing/advertising identifiers where allowed by law and/or with consent.
  • Communications data (emails, contact forms, chat transcripts).

Purposes & Legal Bases

  • Provide and secure the service — contract & legitimate interests.
  • Measure and improve performance — legitimate interests or consent depending on jurisdiction.
  • Marketing/advertising — consent in opt-in regimes; opt-out mechanisms in opt-out regimes.
  • Compliance and defense of claims — legal obligation & legitimate interests.

Cookies & Similar Technologies

Details are described in our Cookie Policy. You can change your preferences via the consent banner at any time.

Sharing & International Transfers

We share data with service providers (hosting, analytics, payments, marketing, support) under contracts. International transfers are protected by appropriate safeguards (e.g., EU SCCs; UK IDTA) and risk assessments.

Retention

We keep data only as long as necessary for the purposes above and any legal retention requirements. Analytics/marketing identifiers are typically stored for 6–26 months depending on the tool and your consent.

Your Rights

Your rights depend on your local law (e.g., GDPR/UK GDPR, CPRA, PIPEDA, LGPD, POPIA). Contact us to exercise your rights; we will verify requests and respond within statutory timeframes.

Children

We do not knowingly collect personal information from children without appropriate consent and safeguards required by law.

Security

We use technical and organizational measures such as encryption in transit, access controls, monitoring, and incident response.

Contact

To exercise rights or ask questions, email office@seo2agency.com.

Roles & Processing

This DPA applies when we act as a processor for you as controller.

Security

Appropriate technical and organizational measures; assistance with DPIAs where relevant.

Sub-processors

We use vetted vendors under written contracts and remain responsible for their performance.

Breach Notification

We will notify without undue delay after becoming aware of a personal data breach affecting your data.

Transfers

Transfers outside your jurisdiction rely on SCCs/IDTA or other valid mechanisms with additional safeguards as appropriate.

California Privacy Rights (CPRA)

  • Right to know/access, delete, and correct.
  • Right to opt-out of sale/share and targeted advertising; Global Privacy Control honored.
  • Right to non-discrimination.
  • Right to limit use/disclosure of sensitive PI.

Submit requests via office@seo2agency.com.

GDPR Summary

This notice summarizes our GDPR approach: legal bases (consent, contract, legitimate interests, legal obligation), data subject rights, international transfers under SCCs, and security measures.

Scroll to Top