Privacy Policy

Introduction and Overview

This Privacy Policy describes how wholinks2me.com ("we", "us", "our", "Company") collects, uses, discloses, stores, and protects personal information when you use our website and services (collectively, the "Service").

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy legislation.

By using the Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

Data Controller

The data controller responsible for your personal data is:

Information We Collect

We collect several types of information from and about users of the Service:

A. Information You Provide Directly

• URLs for Analysis: Website addresses you submit for analysis through our tools (analyzer, site audit, sitemap generator, schema checker, etc.)
• Contact Form Data: Name, email address, subject line, and message content when you use our contact form
• Account Information (if applicable): If user accounts are introduced in the future, we may collect username, email address, password (encrypted), and profile information
• Saved Reports (optional): If you choose to save analysis reports locally, metadata about those reports may be stored in your browser's local storage
• Historical Analysis Data: Analysis results (URL, scores, metrics, timestamps) are anonymously stored in our database to enable historical tracking, trend analysis, and comparison features. This data is not linked to individual users or identifiable information

B. Information Collected Automatically

• Server Logs: IP address, browser type and version, operating system, referrer URL, pages visited, date and time stamps, and clickstream data
• Cookies and Similar Technologies: Session identifiers, preferences, and functional data (see Cookies section below)
• Usage Data: Features used, tools accessed, analysis settings, and interaction patterns
• Device Information: Device type, screen resolution, language preference, and time zone
• Performance Data: Page load times, errors, crashes, and diagnostic information to improve Service quality

C. Information from Third-Party Services

• Google PageSpeed Insights: When you request PageSpeed analysis, your URL is sent to Google's API. Google's own privacy policy applies to that data transmission
• External Validators: If you use schema validation or other third-party integrations, relevant data is transmitted to those services
• Analytics (if enabled): We may use analytics services (Google Analytics or similar) to understand usage patterns. These services may collect additional data subject to their privacy policies

How We Use Your Information

We use the information we collect for the following purposes:

A. Service Provision and Functionality

• To provide, operate, and maintain the Service
• To process and analyze URLs you submit
• To generate reports, recommendations, and analysis results
• To enable features such as saving reports, sharing results, and accessing tools
• To provide historical tracking, trend analysis, and comparison features by storing anonymized analysis data
• To generate PDF reports and export functionality
• To respond to your inquiries and provide customer support

B. Service Improvement and Development

• To understand how users interact with the Service
• To identify and fix bugs, errors, and technical issues
• To develop new features, tools, and improvements
• To conduct research, testing, and analysis
• To optimize performance and user experience

C. Security and Fraud Prevention

• To detect, prevent, and investigate fraud, abuse, and security incidents
• To protect the Service, infrastructure, and users from harm
• To enforce our Terms of Service and Acceptable Use Policy
• To comply with legal obligations and respond to legal requests

D. Communication

• To respond to your contact form submissions
• To send important Service notices (if accounts are introduced)
• To notify you of changes to our Terms or Privacy Policy
• To send marketing communications (only with your consent, and you may opt out at any time)

Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing is necessary to provide the Service you have requested (analyzing URLs, generating reports)
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving the Service, ensuring security, and preventing fraud (balanced against your rights and interests)
• Consent: You have given explicit consent for specific processing activities (e.g., marketing emails, optional analytics)
• Legal Obligation: Processing is required to comply with applicable laws, regulations, or legal processes

Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share your information in the following limited circumstances:

A. Service Providers and Processors

We may share data with trusted third-party service providers who assist us in operating the Service, including:

• Hosting and infrastructure providers (servers, databases, CDN)
• Analytics and performance monitoring services
• Email delivery and communication services
• Security and fraud prevention services

These service providers are contractually obligated to protect your data, use it only for specified purposes, and comply with applicable data protection laws.

B. Third-Party APIs and Integrations

When you use certain features, data may be transmitted to third-party services:

• Google PageSpeed Insights: Your URL is sent to Google for performance analysis
• External Validators: Schema markup, structured data, and other content may be sent to validation services

These third parties have their own privacy policies governing how they handle data.

C. Legal Requirements and Protection

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders, search warrants)
• Requests from government or law enforcement agencies
• Protection of our rights, property, or safety, or those of our users or the public
• Detection, prevention, or investigation of fraud, security breaches, or illegal activities
• Enforcement of our Terms of Service

D. Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred to the successor entity, subject to this Privacy Policy or an equivalent policy.

International Data Transfers

The Service may be operated from and data may be stored in multiple locations, including countries outside your country of residence. Data may be transferred to and processed in countries that may not have the same data protection laws as your jurisdiction.

If you are located in the EEA, UK, or Switzerland:

• We rely on appropriate safeguards for international transfers, such as Standard Contractual Clauses (SCCs) approved by the European Commission
• We may transfer data to countries with adequacy decisions under GDPR (e.g., countries deemed to provide adequate protection)
• We implement technical and organizational measures to protect data during transfers

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and improve the Service.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They enable the website to remember your preferences and recognize you on subsequent visits.

Types of Cookies We Use

• Essential Cookies: Required for the Service to function properly (e.g., maintaining sessions, security, API requests). These cannot be disabled without breaking core functionality
• Functional Cookies: Remember your preferences (e.g., saved reports, settings, theme preferences)
• Analytics Cookies (if enabled): Help us understand usage patterns, popular features, and areas for improvement (e.g., Google Analytics)
• Performance Cookies: Collect data about Service performance, load times, and errors

Managing Cookies

You can control cookies through your browser settings:

• Most browsers allow you to block or delete cookies
• You can set your browser to notify you when a cookie is being set
• Disabling essential cookies may impair Service functionality

For analytics cookies, you may opt out through browser extensions like Google Analytics Opt-out Add-on.

Local Storage

We use browser local storage to save analysis reports and preferences on your device. This data is stored locally and not transmitted to our servers unless you explicitly choose to share a report.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods

• URL Analysis Data: Analysis results may be stored anonymously in our database for historical tracking and trend analysis features. Stored data includes URL, scores, metrics, and timestamps but is not linked to individual users. Historical data is retained for up to 90 days unless you explicitly request deletion
• Server Logs: Retained for up to 12 months for security, debugging, and analytics purposes, then automatically deleted
• Contact Form Submissions: Retained for up to 3 years for record-keeping and customer service purposes, or until you request deletion
• Saved Reports (local storage): Retained in your browser until you manually delete them or clear browser data
• Shared Reports (if applicable): Retention period displayed when creating the share link (e.g., 7 days, 30 days)
• Account Data (if applicable): Retained until account deletion is requested, plus a short period for backups and fraud prevention

Deletion and Anonymization

After retention periods expire, personal data is securely deleted or anonymized so it can no longer identify you. Anonymized data may be retained indefinitely for statistical and research purposes.

Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal data:

A. Rights Under GDPR (EEA, UK, Switzerland)

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
• Right to Restriction of Processing: Request that we limit processing of your data in certain situations
• Right to Data Portability: Receive your data in a structured, machine-readable format and transmit it to another controller
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
• Right to Withdraw Consent: Withdraw consent for processing where consent was the legal basis (does not affect prior processing)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

B. Rights Under CCPA (California Residents)

• Right to Know: Request information about the categories and specific pieces of personal data we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal data we collected from you
• Right to Opt-Out of Sale: We do not sell personal data, so this right is not applicable
• Right to Non-Discrimination: Exercise your rights without receiving discriminatory treatment

C. How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within the timeframes required by applicable law (typically 30 days for GDPR requests, 45 days for CCPA requests). We may need to verify your identity before processing your request.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Security Measures Include:

• Encryption of data in transit using HTTPS/TLS protocols
• Secure server infrastructure with access controls and monitoring
• Regular security assessments and vulnerability testing
• Access restrictions: only authorized personnel can access personal data
• Logging and monitoring of system access and activities
• Incident response procedures for security breaches

Children's Privacy

The Service is not intended for children under the age of 18. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at privacy@wholinks2me.com, and we will promptly delete such information.

Third-Party Links and Services

The Service may contain links to third-party websites, services, or resources. We are not responsible for the privacy practices or content of third parties. When you leave our Service, we encourage you to read the privacy policies of every website you visit.

Third-Party Services We Integrate With:

• Google PageSpeed Insights – Google Privacy Policy
• Schema validators and external APIs – refer to their respective privacy policies

Do Not Track Signals

Some browsers offer "Do Not Track" (DNT) signals. At this time, there is no universally accepted standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we minimize tracking and provide cookie controls as described above.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.

When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Post the revised Privacy Policy on this page
• Notify you via email (if accounts and email addresses are collected) or through a prominent notice on the Service

Your continued use of the Service after changes become effective constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, please stop using the Service.

Jurisdiction-Specific Provisions

European Economic Area (EEA), UK, Switzerland

If you are located in the EEA, UK, or Switzerland, you have the rights described under GDPR above. You also have the right to lodge a complaint with your local supervisory authority.

Supervisory Authority (UK): Information Commissioner's Office (ICO) – ico.org.uk

California Residents

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) as described above.

California Privacy Notice:

• We do not sell personal information
• You may request information about data collection and use in the preceding 12 months
• You may request deletion of personal data (subject to certain exceptions)
• You will not receive discriminatory treatment for exercising your rights

Other Jurisdictions

If you are located in a jurisdiction with specific data protection laws (e.g., Canada, Australia, Brazil), you may have additional rights. Please contact us at privacy@wholinks2me.com to learn more about your rights.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: