Privacy Policy

freeseowebsites.com ("Free SEO Websites") is operated by Loudachris Digital Marketing, a business based at 21-22 Greenhill Rd, Wayville SA 5034, Australia. We serve US small businesses async (email and Loom video, no calls).

Privacy contact: chris@loudachris.com.au. Subject line "Privacy request" gets routed to the operator within one business day.

We collect what you give us in the qualifier and intake forms (name, email, business details). We use it to reply, build your site, and run your monthly service. We do not sell it, share it for advertising, or send it to third parties for marketing. We use Google Analytics 4 for anonymized site analytics, no advertising trackers. You can ask us to access, correct, or delete your data at any time.

If you're in California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or any other US state with a comprehensive privacy law, the rights specific to your state are listed below. We honor the strictest applicable standard regardless of where you reside.

Application data: When you apply via our qualifier form, we collect your name, email, phone number (if provided), business name, business location (city, state), industry, staff size, plan preference, and any free-text notes you provide.

Intake data: If you proceed past the application, our intake form collects additional information needed to build your site: services you offer, brand assets (if provided), customer testimonials (if provided), keyword and competitor input, and access details for any existing analytics or Google Business Profile accounts you grant us.

Analytics data: We use Google Analytics 4 (GA4) with IP anonymization enabled. GA4 collects pages visited, time on page, traffic source, device type, and approximate country / state region. GA4 cookies are first-party. We do not use Facebook Pixel, TikTok Pixel, LinkedIn Insight Tag, Twitter / X conversion tracking, or any third-party advertising trackers on this site.

Search Console data: Aggregated search query and ranking data via Google Search Console. This is not linked to individual users.

Server logs: Vercel (our US-based host) logs IP addresses and request timestamps for security and abuse prevention. Logs are retained per Vercel's standard retention policy.

Per the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the categories we collect are:

• Identifiers: name, email, phone, IP address
• Commercial information: services you've inquired about, plan you've chosen, payment status
• Internet activity: pages visited, time on site (anonymized via GA4)
• Geolocation: approximate (city / state) only - we do not collect precise GPS location
• Professional information: business name, industry, staff size, services offered (provided by you in application or intake)

We do not collect: sensitive personal information (Social Security Number, driver's license, financial account numbers, biometric or health data), or personal information about minors under 16.

To respond to your application: reply with a written agreement or polite decline; answer follow-up questions you send.

To deliver the service: build your website, configure your Google Business Profile, set up tracking, perform monthly SEO work, send monthly reports.

For transactional emails: intake confirmations, build progress updates, monthly reports, billing notices.

For our own legitimate operations: anonymized analytics on the site, security monitoring, fraud prevention, debugging.

To comply with law: tax records, dispute resolution, regulatory inquiries.

We do NOT: sell your data; share your data with third parties for their marketing; use your data for cross-context behavioral advertising; profile you for automated decision-making with significant effects.

We share limited personal information with the following service providers to deliver the service. Each is bound by their own data processing terms.

• Vercel (US): website hosting and serverless functions. Receives server logs and form submissions.
• Resend (US): transactional email delivery. Receives email content (your application data emailed to us; build / billing emails sent to you).
• Google Workspace (US): our internal email and document storage where applications and intake data are filed.
• Google Analytics 4 (US): anonymized site analytics.
• Google Search Console (US): aggregated search performance data.
• GitHub (US): source code repository for your site (does not contain personal information about your customers).
• Stripe (US, if applicable): payment processing for monthly Care Fees. Stripe is the data controller for payment information.

All data processed by these providers is processed in the United States. The operator (Loudachris Digital Marketing) accesses this data from Adelaide, Australia. Your personal information may therefore be processed in Australia by the operator.

If you are a California resident, you have the right to:

• Right to know what categories of personal information we have collected about you, the sources, the purposes, and the categories of third parties we share with
• Right to access the specific pieces of personal information we hold about you
• Right to delete personal information we have collected from you (subject to legal exceptions, e.g. tax records)
• Right to correct inaccurate personal information
• Right to opt out of sale or sharing of personal information - we do not sell or share personal information for cross-context behavioral advertising, so this right is automatically honored
• Right to limit use of sensitive personal information - we do not collect sensitive personal information as defined by the CPRA
• Right to non-discrimination - we will not deny service, charge different prices, or provide a different level of service because you exercised a privacy right

To exercise any right, email chris@loudachris.com.au with subject "California privacy request." We respond within 45 days (extendable by 45 more days if reasonably necessary, with notice).

California residents may designate an authorized agent to make a request on their behalf. We require written authorization signed by the consumer plus identity verification before responding to an agent request.

If you reside in Virginia, Colorado, Connecticut, Utah, Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Tennessee (TIPA), Iowa (ICDPA), Indiana (INCDPA), Delaware (DPDPA), Maryland (MODPA), New Hampshire (NHPA), New Jersey (NJDPA), Minnesota (MCDPA), Rhode Island, or any other US state with a comprehensive consumer privacy law, you have substantially the same core rights as California residents:

• Right to access personal data we have collected about you
• Right to correct inaccurate personal data
• Right to delete personal data (subject to legal exceptions)
• Right to data portability in a portable, machine-readable format
• Right to opt out of targeted advertising, sale of personal data, and certain forms of profiling - we do not engage in any of these activities, so opt-out is automatically honored
• Right to appeal a denial of any privacy request (where applicable to your state)

To exercise any right, email chris@loudachris.com.au with the subject "Privacy request - [your state]". We respond within 45 days. If we deny a request and your state's law provides an appeal mechanism, we explain the appeal process in our response.

Email chris@loudachris.com.au with the subject line "Privacy request" and tell us:

• What right you're exercising (access, correction, deletion, etc.)
• What state you reside in
• The email address or phone number you used to apply, so we can locate your data

We verify identity by confirming the request from the same email address used in your application or by other reasonable methods. We don't charge a fee unless your request is manifestly unfounded or excessive.

Strictly necessary cookies: session and security cookies needed for the site to function. Cannot be disabled.

Analytics cookies: Google Analytics 4 first-party cookies for anonymized usage statistics. You can opt out via your browser settings or the Google Analytics opt-out browser add-on.

Advertising cookies: we do not use any.

We do not respond to Do Not Track (DNT) browser signals because there is no industry consensus on what DNT means. We do honor Global Privacy Control (GPC) signals as opt-out-of-sale signals where applicable under California, Colorado, and Connecticut law (we don't sell data, so the practical effect is the same).

Application / qualifier data: 7 years from submission (record-keeping for service-business operations and tax records).

Intake data: retained for the duration of our service plus 7 years.

Email correspondence: retained for 7 years.

Analytics data (GA4): 14 months at user level (GA4 default), aggregated indefinitely.

Server logs (Vercel): per Vercel's standard retention.

After the retention period, data is deleted or anonymized. You can request earlier deletion at any time per the rights sections above.

This service is for businesses, not consumers. We do not knowingly collect personal information from children under 13 (COPPA) or from minors under 16 without parental consent. If you believe we have collected information from a child, contact us immediately and we will delete it.

We use industry-standard security: TLS encryption in transit, encrypted storage, access controls limited to the operator and the named team members on our about page, two-factor authentication on all internal accounts. We have not had a data breach. If we ever experience a breach involving your personal information, we will notify you per the notification timelines required under your state's law (typically 72 hours to 60 days depending on jurisdiction).

Data is stored in the United States via the providers listed above. The operator (Loudachris Digital Marketing) accesses this data from Adelaide, Australia, where it is processed for the purpose of delivering the service. Australia has comprehensive privacy laws (the Privacy Act 1988 and Australian Privacy Principles) that provide protections substantially similar to US state privacy laws. By providing your personal information, you consent to this cross-border processing.

If you have a complaint, contact us first at chris@loudachris.com.au. We aim to resolve complaints within 30 days.

If we cannot resolve your complaint, you can also contact:

• California: California Privacy Protection Agency (cppa.ca.gov) or California Attorney General (oag.ca.gov)
• Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Tennessee, Iowa, Indiana, Delaware, Maryland, New Hampshire, New Jersey, Minnesota, Rhode Island: your state Attorney General's office
• All US residents: Federal Trade Commission (ftc.gov)

We may update this policy occasionally. The current version on this URL is the version that applies. Material changes (anything that broadens our use of your data or adds new categories of sharing) are communicated by email to active clients at least 30 days before they take effect.