Privacy Policy
Last updated: February 22, 2026
This Privacy Policy describes how AI SEO Agents ("we", "us", or "our") collects, uses, and protects your information when you use our platform and WordPress plugin (the "Service").
1. Information We Collect
1.1 Account Information
When you create an account or connect your WordPress site, we collect:
- Email address (via Cognito authentication)
- WordPress site URL
- WordPress username
1.2 WordPress Credentials
When you connect your site via the WordPress plugin:
- A WordPress Application Password is created and transmitted securely to our API
- The Application Password is stored encrypted (AES-256) in our database
- We use this credential solely to publish and manage content on your behalf
1.3 Content Data
When you use the Service, we process:
- Keywords and article generation parameters you submit
- Generated article content (stored in Amazon S3)
- SEO analysis results and scores
- Job status and progress data
1.4 Usage Data
We automatically collect:
- API request logs (endpoint, timestamp, response codes)
- Job execution metrics (duration, token usage)
- Error logs for debugging purposes
1.5 WordPress Plugin Data
The WordPress plugin stores locally on your server:
- Your API key (encrypted with AES-256-CBC using your site's authentication salts)
- Your site registration ID
- Application Password UUID (for revocation)
- Connection status
This data is stored in your WordPress database and is not transmitted elsewhere except when making API calls to our Service.
2. How We Use Your Information
| Data | Purpose | Legal Basis |
|---|---|---|
| Account info | Authentication, account management | Contract performance |
| WP credentials | Publishing content to your site | Contract performance |
| Keywords / parameters | AI content generation | Contract performance |
| Generated content | Storage, delivery, and publishing | Contract performance |
| Usage data | Service monitoring, billing, debugging | Legitimate interest |
3. Data Storage and Security
3.1 Infrastructure
- Region: All data is processed and stored in AWS EU-North-1 (Stockholm, Sweden)
- Encryption at rest: DynamoDB tables use AWS-managed KMS encryption; S3 buckets use server-side encryption (SSE-S3)
- Encryption in transit: All API communication uses TLS 1.2+
- Credentials: WordPress Application Passwords and API keys are stored encrypted in DynamoDB using AWS KMS customer-managed keys
3.2 Access Controls
- API access requires authentication (Cognito JWT or API key)
- Each user can only access their own sites, agents, and content
- Lambda functions follow least-privilege IAM policies
4. Third-Party Services
The Service uses the following third-party providers:
| Provider | Purpose | Data Shared |
|---|---|---|
| Amazon Web Services | Infrastructure (compute, storage, database) | All service data |
| Amazon Bedrock (Anthropic Claude) | AI content generation | Keywords, article content, prompts |
| Firecrawl | Web scraping for competitor research | Target keywords, competitor URLs |
| Stripe | Payment processing | Billing information |
| Unsplash | Stock image sourcing | Image search queries |
Each provider has their own privacy policy. We encourage you to review them.
5. Data Retention
- Generated articles: Retained in S3 with 90-day lifecycle policy (moved to Glacier after 90 days)
- Job records: Retained in DynamoDB for the duration of your subscription
- WebSocket connections: Ephemeral, TTL of 2 hours
- API logs: Retained for 30 days in CloudWatch
- Account data: Retained until account deletion or 12 months after subscription cancellation
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data we hold
- Correct inaccurate personal data
- Delete your personal data ("right to be forgotten")
- Export your data in a portable format
- Object to processing based on legitimate interest
- Withdraw consent at any time (where processing is based on consent)
To exercise these rights, contact us at privacy@aiagentssee.com.
7. Disconnecting Your Site
When you disconnect your WordPress site from the Service:
- The Application Password is revoked immediately
- Your site registration is removed from our database
- Previously published articles remain on your WordPress site (they are your content)
- Generated articles in S3 are retained per our data retention policy
8. Plugin Uninstallation
When you uninstall the WordPress plugin, all locally stored data is removed from your WordPress database, including:
- Encrypted API key
- Site registration ID
- Application Password UUID
- All plugin settings and transient caches
9. Cookies
The web dashboard uses session cookies for authentication (Cognito). The WordPress plugin does not set any cookies on your site's frontend.
10. Children's Privacy
The Service is not directed at individuals under 18. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes via email or a notice on the Service. The "Last updated" date at the top reflects the most recent revision.
12. Contact Us
For privacy-related questions or requests:
Email: privacy@aiagentssee.com
Website: https://aiagentssee.com