Privacy Policy

1. Introduction

This Privacy Policy explains how Savisense Limited, trading as Bloggle.ai ("we", "us", "our"), collects, uses, and protects your personal data when you use our AI-powered blog content generation platform.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide to Us

Account Information:

• Name and email address
• Company name and business details
• Password (encrypted)
• Billing and payment information

Content Data:

• Blog posts, titles, and descriptions you create
• Keywords and SEO research queries
• Categories and tags you assign
• Comments and feedback you provide

Communication Data:

• Correspondence with our customer support team
• Survey responses and feedback
• Marketing preferences

2.2 Information We Collect Automatically

Usage Data:

• Page views and navigation patterns
• Referrer sources and traffic origins
• Browser type and operating system (anonymized)
• Device type (desktop/mobile/tablet)
• Geographic location (country/region level only)
• Session duration and interaction patterns

Technical Data:

• Log files and error reports
• API usage for service delivery

2.3 Information from Third Parties

AI Service Providers:

• We send your content prompts to third-party AI providers (Google Gemini, OpenAI, Anthropic Claude) to generate content
• These providers may process your prompts according to their own privacy policies

Payment Processors:

• Payment information is processed by our third-party payment providers
• We do not store complete credit card details

SEO Services:

• DataForSEO processes your keyword research queries
• They may collect technical data about API requests

3. How We Use Your Information

3.1 Legal Bases for Processing

We process your personal data under the following legal bases:

Contract Performance:

• To provide the Bloggle.ai service
• To process your payments
• To manage your account

Legitimate Interests:

• To improve our service and develop new features
• To ensure platform security and prevent fraud
• To analyze usage patterns and optimize performance
• To send service-related communications

Consent:

• To send marketing communications (you can withdraw consent at any time)

Legal Obligation:

• To comply with legal and regulatory requirements
• To respond to law enforcement requests

3.2 Specific Purposes

We use your information to:

• Provide Core Services: Generate AI content, perform SEO research, manage blog posts
• Account Management: Create and maintain your account, authenticate access
• Payment Processing: Process transactions and manage billing
• Customer Support: Respond to inquiries and resolve issues
• Service Improvement: Analyze usage patterns, optimize performance, test features, and fix bugs
• Communication: Send service updates, security alerts, and (with consent) marketing materials
• Security: Detect and prevent fraud, unauthorized access, and security threats
• Legal Compliance: Meet regulatory obligations and respond to legal requests

4. AI Content Processing

4.1 Third-Party AI Providers

When you generate content, your prompts and instructions are sent to one or more of these AI providers:

• Google Gemini (Google LLC)
• OpenAI GPT (OpenAI, L.L.C.)
• Anthropic Claude (Anthropic PBC)

Important Notes:

• Each provider has their own privacy policy and data processing practices
• Your prompts may be processed outside the UK/EEA
• We use automatic failover, so multiple providers may process your requests
• AI providers may use your prompts to improve their models (check their policies)

4.2 Your Control Over AI Processing

• You can view which AI provider processed each request in your account logs
• You are responsible for not including sensitive personal data in your prompts
• Generated content is stored in our UK/EEA-based database (Supabase)

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We share your data with trusted service providers who assist us in operating our platform:

Infrastructure and Hosting:

• Supabase (database and authentication) - UK/EEA servers
• Vercel/hosting provider (application hosting)

AI and Content Generation:

• Google Gemini - content generation
• OpenAI - content generation (fallback)
• Anthropic - content generation (fallback)

SEO and Communication:

• DataForSEO - keyword research and SEO data
• Gmail API - system notifications and alerts

Privacy-Friendly Analytics:

• Pirsch Analytics - cookie-free website analytics and usage statistics

Payment Processing:

• Payment processors for transaction processing

All service providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Legal Disclosures

We may disclose your information when required to:

• Comply with legal obligations or court orders
• Protect our rights, property, or safety
• Detect, prevent, or address fraud or security issues
• Respond to law enforcement requests

5.3 Business Transfers

If Savisense Limited is involved in a merger, acquisition, or sale of assets, your personal data may be transferred to the new entity. You will be notified of any such change.

6. International Data Transfers

6.1 Transfers Outside the UK/EEA

Some of our service providers operate outside the UK and European Economic Area (EEA), particularly AI providers based in the United States.

Safeguards in Place:

• We ensure adequate safeguards are in place (Standard Contractual Clauses, adequacy decisions)
• AI providers maintain appropriate security measures
• Data is encrypted in transit and at rest

6.2 Your Rights Regarding Transfers

You have the right to obtain information about safeguards in place for international transfers. Contact us at customer@bloggle.ai for details.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Technical Measures:

• Encryption of data in transit (SSL/TLS) and at rest
• Secure authentication and password hashing
• Regular security testing and vulnerability assessments
• Access controls and authentication systems

Organizational Measures:

• Limited access to personal data on a need-to-know basis
• Staff training on data protection
• Data breach response procedures
• Regular security policy reviews

However, no system is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Account Data: Retained while your account is active and for up to 12 months after account closure (unless legal obligations require longer retention)
• Content Data: Retained while your account is active; deleted within 30 days of account deletion (unless you have published content you wish to keep)
• Usage and Log Data: Technical logs retained for up to 12 months for security and service delivery purposes; aggregated analytics data may be retained longer for statistical purposes
• Legal Requirements: Some data may be retained longer to comply with legal, accounting, or regulatory requirements

You can request deletion of your data at any time (subject to legal retention requirements).

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

9.1 Right of Access

Request a copy of the personal data we hold about you.

9.2 Right to Rectification

Request correction of inaccurate or incomplete personal data.

9.3 Right to Erasure (Right to be Forgotten)

Request deletion of your personal data in certain circumstances.

9.4 Right to Restrict Processing

Request that we limit how we use your personal data in certain situations.

9.5 Right to Data Portability

Receive your personal data in a structured, commonly used format and transmit it to another controller.

9.6 Right to Object

Object to processing of your personal data based on legitimate interests or for direct marketing purposes.

9.7 Rights Related to Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

9.8 Right to Withdraw Consent

Where processing is based on consent, you can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

9.9 How to Exercise Your Rights

To exercise any of these rights, contact us at customer@bloggle.ai. We will respond within one month (extendable by two months for complex requests).

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

• Website: https://ico.org.uk
• Helpline: 0303 123 1113

10. Privacy-Friendly Analytics

10.1 Pirsch Analytics

We use Pirsch Analytics, a privacy-friendly, cookie-free analytics service, to understand how visitors use our platform. Unlike traditional analytics tools, Pirsch:

• Does not use cookies - no cookie consent banner required
• Does not track individuals - collects only aggregate, anonymized data
• Does not create user profiles - no cross-site tracking
• GDPR compliant - designed with privacy regulations in mind
• No personal data collection - IP addresses are anonymized immediately

10.2 Data Collected by Pirsch

Pirsch collects anonymized, aggregated statistics including:

• Page views and popular pages
• Traffic sources (where visitors come from)
• Browser and device types (for compatibility)
• Geographic region (country/region level only, not precise location)
• Session duration (how long people stay on pages)

All data is anonymized and cannot be used to identify individual users.

10.3 Why We Use Analytics

Analytics help us:

• Understand which features are most valuable
• Improve user experience and performance
• Identify technical issues or broken pages
• Make informed decisions about product development

For more information about Pirsch's privacy practices, visit: https://pirsch.io/privacy

11. Marketing Communications

11.1 Consent-Based Marketing

With your consent, we may send you:

• Product updates and new features
• Tips and best practices
• Special offers and promotions
• Industry news and insights

11.2 Unsubscribing

You can unsubscribe from marketing communications at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Updating preferences in your account settings
• Contacting customer@bloggle.ai

Note: You will continue to receive essential service-related communications regardless of marketing preferences.

12. Children's Privacy

Bloggle.ai is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately at customer@bloggle.ai.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

Notification of Changes:

• Material changes will be notified via email
• The "Last Updated" date will be revised
• Continued use after changes constitutes acceptance

We encourage you to review this Privacy Policy periodically.

14. Third-Party Links

Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

15. Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact:

16. Supervisory Authority

You have the right to lodge a complaint with the UK Information Commissioner's Office: