Privacy Policy

Last Updated: February 11, 2026

This Privacy Policy explains how HG SEO Commander collects, uses, stores, protects, and shares information, including Google user data accessed via Google APIs when you connect your Google account.

Google User Data Handling (OAuth)

When you connect a Google account, HG SEO Commander accesses Google user data through Google APIs, based on the OAuth scopes you grant. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

1. Data Collection (Google User Data We Access)

Depending on the features you enable, we may access the following types of Google user data:

  • Google account profile info (via openid, email, profile): your email address, name, and Google account identifier (and, when available, profile photo).
  • OAuth token data: access token, refresh token, token expiry, and the list of granted scopes/permissions.
  • Google Search Console (read-only): site/property list, search performance analytics (for example queries, pages, countries, devices), sitemap data, and site experience metrics (for example Core Web Vitals), as available via the API.
  • Google Analytics (GA4) (read-only): property list and reporting data (for example traffic, users, events, conversions, pages) as available via the API.
  • Google Business Profile (management access): account and location information (for example name, address, phone, website), performance/insight metrics, reviews, posts, media metadata, categories, services, and verification status/options, as available via the API.

HG SEO Commander may request the following OAuth scopes (depending on the features you enable): openid, email, profile, https://www.googleapis.com/auth/webmasters.readonly, https://www.googleapis.com/auth/analytics.readonly, https://www.googleapis.com/auth/business.manage.

Note: Search Console and Analytics access is read-only. Google Business Profile access may include creating or updating content (for example posts, media uploads, and services) when you explicitly use those features.

2. Data Usage

We use Google user data to provide the product features you request, including:

  • Displaying SEO and performance metrics in a unified dashboard
  • Generating reports, charts, and comparisons over time
  • Syncing connected properties/locations to keep your dashboard current
  • Showing Google Business Profile insights, reviews, and post history
  • Creating and scheduling Google Business Profile posts and uploading media (only when you submit these actions)
  • Updating Google Business Profile services (only when you submit these changes)
  • Supporting Google Business Profile verification workflows (only when you initiate a verification action)

We do not use Google user data for advertising. We do not use Google user data to train generalized AI/ML models.

3. Data Usage & Sharing (Third Parties)

We do not sell Google user data. We do not share Google user data with third parties for advertising or marketing. We share Google user data only in these limited cases:

  • With Google when making authorized API requests on your behalf (for example, retrieving metrics or creating a Business Profile post you requested).
  • With service providers that help us operate HG SEO Commander (for example hosting, databases, monitoring, and email delivery). These providers act as processors and are permitted to use the data only to provide services to us.
  • For legal or security reasons (for example to comply with applicable law, enforce our terms, or prevent abuse/fraud).

4. Data Storage (and Security)

We store Google connection data (for example account identifiers, selected properties/locations, and OAuth tokens) in our systems to provide the service. Our security practices include:

  • Encrypted transport using HTTPS/TLS
  • Encryption of stored OAuth tokens and other sensitive credentials at rest
  • Access controls and least-privilege internal access
  • Operational logging designed to avoid storing raw tokens (tokens are redacted when logged)

5. Deletion & Data Retention

We retain Google user data we store for as long as needed to provide the services you request (for example while your account is active and the integration is connected). We retain OAuth tokens only while a connection is active. You can request deletion at any time:

  • Disconnect Google: Use the HG SEO Commander integrations settings to disconnect your Google account, which removes stored OAuth tokens from our systems and stops further Google API access.
  • Revoke from Google: Visit your Google Account Permissions page to revoke access.
  • Request deletion: Email support@hgseocommander.com with the subject line Data Deletion Request (no in-app login required). After we verify your request, we will delete your Google connection data and associated stored Google user data within 30 days, unless retention is required by law.

Some data may persist for a limited period in routine backups before being overwritten.

Information We Collect (Other)

We collect information you provide directly to us when you create an account or contact support, such as your name, email address, and business/workspace details. We may also collect basic usage and diagnostic data (for example feature usage and error logs) to operate and improve the service.

Your Rights & Choices

You can update certain account information within the product. You can also disconnect your Google account at any time (see the Data Retention & Deletion section above). For access, export, or deletion requests that are not available in-product, contact support@hgseocommander.com.

Children's Privacy

HG SEO Commander is not directed to children under 18, and we do not knowingly collect personal information from children under 18.

Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the "Last Updated" date.

Contact Us

For questions about this Privacy Policy or our data practices, contact support@hgseocommander.com.