Privacy Policy

Controller

Christian Huber
Odenwaldstraße 24
69124 Heidelberg
Germany

Email: christian@derhuber.com
Phone: 01512 9515056

Privacy requests can be sent to christian@derhuber.com.

Scope

This policy explains how Zana SEO processes personal data on the marketing website, the application dashboard, account flows, subscriptions, newsletter forms, demo/contact flows, rank tracking, reporting, monitoring, and related product workflows.

Legal Bases

Account access, dashboard features, subscriptions, rank tracking, and reports are processed to perform a contract or take pre-contractual steps. Security logs, abuse prevention, fraud prevention, service reliability, and limited product debugging are processed on the basis of legitimate interests. Marketing analytics and newsletter messages are processed based on consent where consent is required. Billing, tax, and accounting records may be processed to comply with legal obligations.

Hosting And Technical Delivery

Zana SEO is built with Next.js and hosted through Vercel. When you use the site or app, technical data may be processed to deliver the service and keep it secure, including IP address, browser and device metadata, request URLs, timestamps, referrer data, and server logs. This processing is used for delivery, security, abuse prevention, and troubleshooting.

Authentication And Account Data

The application uses Better Auth. Supported sign-in methods include Google OAuth, password authentication, and optional demo or anonymous authentication where enabled.

Account records may include name, email address, username, avatar image or storage ID, role, unlimited-credit flag, email verification status, authentication accounts, sessions, verification codes, access tokens, refresh tokens, session IP address, and session user-agent metadata.

Product Workspace Data

Zana SEO stores the workspace data needed to provide local SEO rank tracking. This can include project name, tracked domain, country, language, business location name, address, latitude, longitude, target name, optional Google Place ID, keywords, scan settings, reports, usage events, and usage counters.

Organic and map ranking results are stored in PostgreSQL. This can include ranking positions, URLs, search volume, costs, timestamps, map grid points, and raw provider responses where needed for product display, reports, debugging, and usage accounting.

SEO Ranking Data Provider

Zana SEO uses an external SEO ranking data provider to run ranking checks. The provider receives scan payloads needed to perform those checks, such as keyword, language code, location code, coordinates, grid point settings, and task or postback identifiers. Zana SEO does not intentionally send your account identity as part of scan payloads.

Billing

Subscriptions, checkout links, customer portal access, product data, and billing status are handled through Polar. Stripe may process payments through Polar. Zana SEO receives subscription and customer status, product and subscription IDs, plan metadata, current period end, and cancellation status needed to unlock plans and billing settings, but does not store full payment card data.

Email And Newsletter

Resend is used to send transactional, authentication, and subscription emails where configured. Loops receives newsletter form submissions, including email address and user group. For newsletter cooldown and deduplication, Zana SEO stores only an email hash, user group, and timestamps.

Analytics Consent

OpenPanel analytics is used on the marketing site only after consent. The consent choice is stored in localStorage under zanaSeo.analyticsConsent with a timestamp. You can reject analytics and still use the site.

Functional Local Storage

The application dashboard uses localStorage for functional preferences, including project filters, map grid settings, organic filter settings, and report scope. These preferences help the product remember interface state and are not marketing analytics.

Scheduling, Monitoring, And Maps

The demo/contact page may embed Cal.com. The app uses Sentry error monitoring only in production when a Sentry DSN is configured. Map previews may request OpenStreetMap tiles when rendered. Links that open Google Maps are outbound links, not embedded Google Maps content.

Processors And Recipients

Zana SEO uses service providers and processors where needed to operate the product. These include hosting and infrastructure providers including Vercel and Dokploy PostgreSQL; authentication providers including Better Auth and Google OAuth; the SEO ranking data provider DataForSEO; billing and payment providers including Polar and Stripe; email and newsletter providers including Resend and Loops; analytics through OpenPanel; monitoring through Sentry; scheduling through Cal.com; and map or tile services related to OpenStreetMap.

International Transfers

Some processors may process data outside Germany or the European Union. Where this happens, the relevant providers are expected to use applicable safeguards such as adequacy decisions, standard contractual clauses, or provider transfer mechanisms.

Retention And Deletion

Account and workspace data is kept while the account exists or as long as needed to provide the service. When you delete your account, Zana SEO removes your user-owned PostgreSQL workspace data and removes authentication/session records. Subscription cancellation remains available through the Polar customer portal.

This deletion does not remove billing records kept by Polar or Stripe, tax and accounting records, newsletter records held by Loops, provider logs, security logs, or other records that third-party processors retain under their own legal, security, or operational obligations.

Your Rights

Depending on the applicable law, you may have rights to access, rectify, delete, restrict, or receive a copy of your personal data. You may also object to certain processing, withdraw consent where processing is based on consent, and lodge a complaint with a data protection supervisory authority.

Send privacy requests to christian@derhuber.com.

Changes

Zana SEO may update this policy by publishing a revised version with a new date.