PRIVACY POLICY

Last updated March 04, 2025

This Privacy Notice for White Coat SEO LTD (“we”, “us”, or “our”) describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:

• Visit our website at whitecoatseo.uk, or any website of ours that links to this Privacy Notice
• Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at james@whitecoatseo.uk.

────────────────────────────
SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice. You can find more details about each topic by reviewing the full sections below.

• What personal information do we process?
When you visit, use, or navigate our Services, we may process personal information based on how you interact with us, the choices you make, and the products and features you use. (Learn more in “1. WHAT INFORMATION DO WE COLLECT?”)

• Do we process any sensitive personal information?
Some information (for example, your racial or ethnic origins, sexual orientation, and religious beliefs) may be considered sensitive in some jurisdictions—but we do not process sensitive personal information.

• Do we collect any information from third parties?
We do not collect information from third parties.

• How do we process your information?
We process your information to provide, improve, and administer our Services, communicate with you, maintain security and prevent fraud, and to comply with law. (See “2. HOW DO WE PROCESS YOUR INFORMATION?”)

• In what situations and with whom do we share your personal information?
We may share your information in certain situations and with specific third parties. (See “4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?”)

• How do we keep your information safe?
We use a combination of organisational and technical measures to protect your personal information, though no system is 100% secure. (See “7. HOW DO WE KEEP YOUR INFORMATION SAFE?”)

• What are your rights?
Depending on your location, you may have rights regarding access to, correction of, or deletion of your personal information. (See “9. WHAT ARE YOUR PRIVACY RIGHTS?”)

• How do you exercise your rights?
You can submit a data subject access request or contact us directly to exercise your rights.

• Want to learn more?
Review the full Privacy Notice below.

────────────────────────────
TABLE OF CONTENTS

WHAT INFORMATION DO WE COLLECT?
HOW DO WE PROCESS YOUR INFORMATION?
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK FEATURES
DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

────────────────────────────

WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us
In Short: We collect personal information that you provide to us.

We collect personal information you voluntarily provide when you: – Express an interest in obtaining information about us or our products and Services
– Participate in activities on the Services
– Contact us

Examples of the personal information we may collect include: • Names
• Email addresses
• Contact or authentication data

Sensitive Information
We do not process sensitive information.

Please ensure that all personal information you provide is true, complete, and accurate, and notify us of any changes.

Information automatically collected
In Short: Some information—such as your IP address and/or browser and device characteristics—is collected automatically when you visit our Services.

We automatically collect certain information (e.g., device and usage details such as IP address, browser type, operating system, language preferences, referring URLs, device name, country, and location) to help maintain the security and operation of our Services and for internal analytics and reporting purposes. We also collect data through cookies and similar tracking technologies.

Google API
Our use of information from Google APIs adheres to the Google API Services User Data Policy and its Limited Use requirements.

────────────────────────────
2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We use your personal information for reasons such as: • Responding to user inquiries and providing support
• Sending you administrative information (e.g., updates about products, services, or policy changes)
• Saving or protecting an individual’s vital interests (for example, to prevent harm)

────────────────────────────
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we have a valid legal reason under applicable law (such as your consent, contractual necessity, legal obligations, protection of vital interests, or our legitimate business interests).

If you are in the EU or UK, the GDPR (and UK GDPR) apply. We may rely on: • Consent – you can withdraw your consent at any time
• Performance of a Contract – to fulfil our contractual obligations to you
• Legal Obligations – to comply with laws or regulatory requirements
• Vital Interests – to protect your or another’s vital interests

In legal terms, we are the “data controller” of your personal information. If we act as a “data processor” on behalf of our customers, the customer is the data controller.

If you are located in Canada, similar rules apply regarding express or implied consent. In exceptional cases, we may process your data without your consent when permitted by law (e.g., for fraud detection or legal compliance).

────────────────────────────
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share your personal information in certain situations and with specific third parties.

For example, we may share your information when: • In connection with business transfers (e.g., merger, sale, financing, or acquisition)
• When using Google Maps Platform APIs (note: Google Maps uses location technologies to provide directions, though accuracy may vary)

────────────────────────────
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and similar technologies to collect and store your information.

We use cookies, web beacons, and pixels to: • Gather information when you interact with our Services
• Maintain security, prevent crashes, fix bugs, save preferences, and support basic site functions

We also allow third parties and service providers to use tracking technologies for analytics and advertising. If these technologies are considered a “sale” or “sharing” under applicable US state laws, you can opt out as described in section 11.

Google Analytics
We may use Google Analytics to track and analyse your use of our Services. To opt out of Google Analytics tracking, visit https://tools.google.com/dlpage/gaoptout. For more on Google’s privacy practices, please review the Google Privacy & Terms page.

────────────────────────────
6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We retain your information only as long as necessary to fulfil the purposes outlined in this Privacy Notice, unless a longer period is required or permitted by law.

When there is no longer a legitimate business need, we will delete or anonymise your personal information. If deletion is not possible (e.g., due to backup archives), your data will be securely stored and isolated until it can be deleted.

────────────────────────────
7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We use a combination of organisational and technical security measures to protect your personal information.

While we work to safeguard your data, no transmission over the Internet or storage technology is 100% secure. Therefore, we cannot guarantee absolute security. You should only access our Services in a secure environment.

────────────────────────────
8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18.

We do not intentionally collect, solicit, or sell personal information from children under 18. By using our Services, you confirm that you are at least 18 or that you are the parent or guardian of a minor who has provided consent. If we discover that data from a child under 18 has been collected, we will take steps to promptly delete it.

────────────────────────────
9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your location (e.g., certain US states, the EEA, UK, Switzerland, or Canada), you have rights that may include: • The right to know whether we are processing your data
• The right to access your personal data
• The right to correct inaccuracies
• The right to request deletion of your data
• The right to obtain a copy of your personal data
• The right to non-discrimination for exercising your rights
• The right to opt out of targeted advertising or profiling

In some regions, you may also have additional rights such as data portability or objection to automated decision-making. To exercise your rights, please refer to the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section below. If you are in the EEA or UK and believe your data is being processed unlawfully, you have the right to complain to your local data protection authority.

────────────────────────────
10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and many mobile devices offer a Do-Not-Track (DNT) setting. Currently, there is no universally accepted standard for DNT signals, so we do not respond to them. California law requires us to explain our stance: we do not respond to DNT signals at this time.

────────────────────────────
11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: If you are a resident of certain US states (e.g., California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia), you may have rights to access, correct, or delete your personal data and to withdraw consent for its processing.

Categories of Personal Information We Collect (over the past 12 months):

A. Identifiers
Examples: Real name, alias, postal address, telephone number, unique identifiers, IP address, email, account name
Collected: NO

B. Personal Information as defined in the California Customer Records statute
Examples: Name, contact information, education, employment, financial information
Collected: NO

C. Protected Classification Characteristics
Examples: Gender, age, date of birth, race/ethnicity, national origin, marital status
Collected: NO

D. Commercial Information
Examples: Transaction details, purchase history, payment information
Collected: NO

E. Biometric Information
Examples: Fingerprints, voiceprints
Collected: NO

F. Internet or Other Similar Network Activity
Examples: Browsing history, search history, online behavior, interests, interactions with websites
Collected: NO

G. Geolocation Data
Examples: Device location
Collected: NO

H. Audio, Electronic, Sensory, or Similar Information
Examples: Images, audio/video recordings
Collected: NO

I. Professional or Employment-Related Information
Examples: Business contact details, job title, work history, qualifications
Collected: NO

J. Education Information
Examples: Student records, directory information
Collected: NO

K. Inferences Drawn from Collected Data
Examples: Profiles or summaries of an individual’s preferences and characteristics
Collected: NO

L. Sensitive Personal Information
Collected: NO

Additional data may be collected when you interact with us through customer support, surveys, contests, or when receiving our Services.

Sources of Personal Information
For more on where we get your data, please see section “1. WHAT INFORMATION DO WE COLLECT?”

How We Use and Share Personal Information
For details on how we use your data, see “2. HOW DO WE PROCESS YOUR INFORMATION?”
Will Your Information Be Shared?
We may disclose your personal information with service providers under contract. We do not sell or share personal data for commercial purposes, and we have not done so in the past 12 months.

────────────────────────────
Your Rights

Under certain US state data protection laws you have rights including: • Right to know if we process your personal data
• Right to access your personal data
• Right to correct inaccuracies
• Right to request deletion
• Right to obtain a copy of your personal data
• Right to non-discrimination when exercising these rights
• Right to opt out of processing for targeted advertising or profiling

Depending on your state, you may have additional rights such as: • Right to access the categories of personal data we process
• Right to obtain a list of third parties to which your data has been disclosed
• Right to review and question how your data has been profiled
• Right to limit the use and disclosure of sensitive data
• Right to opt out of collection via voice or facial recognition features

────────────────────────────
How to Exercise Your Rights

To exercise your rights, you can: • Submit a data subject access request (details provided via our online link)
• Email us at james@whitecoatseo.uk
• Visit https://whitecoatseo.uk/contact/
• Use the contact details provided at the end of this notice

In some US states, you may designate an authorised agent to make a request on your behalf. (Please note: we may deny requests from agents without valid proof of authorization.)

Request Verification
When we receive your request, we will verify your identity using the information provided. If additional verification is needed, we may request more details for security or fraud prevention purposes.

Appeals
If we decline to act on your request, you may appeal our decision by emailing us at james@whitecoatseo.uk. Should your appeal be denied, you may contact your state attorney general.

California “Shine The Light” Law
California Civil Code Section 1798.83 (“Shine The Light”) permits California residents to request, once per year and free of charge, details of any personal information disclosed to third parties for direct marketing purposes, including the names and addresses of those third parties. If you wish to make such a request, please contact us using the details below.

────────────────────────────
12. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: You may have additional rights depending on the country in which you reside.

Australia and New Zealand
We process your personal information in accordance with Australia’s Privacy Act 1988 and New Zealand’s Privacy Act 2020. This notice meets the notice requirements set by these laws.

If you do not provide the necessary personal information, it may affect our ability to offer you our services (e.g., providing products or responding to requests).

You have the right to request access to or correction of your personal information by contacting us (see “15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?”).

If you believe your data is being processed unlawfully, you can lodge a complaint with: • The Office of the Australian Information Commissioner
• The Office of the New Zealand Privacy Commissioner

Republic of South Africa
Residents in South Africa have the right to request access to or correction of their personal information. If unsatisfied with our response, you may contact the Information Regulator (South Africa):
Website: https://inforegulator.org.za/
General enquiries: enquiries@inforegulator.org.za
Complaints: PAIAComplaints@inforegulator.org.za

United Kingdom
For UK residents, we act as the data controller. Our UK representative is James Davidson, who can be contacted at james@whitecoatseo.uk or by post (see below).

────────────────────────────
14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have any questions or comments regarding this notice, you may: • Email us at: james@whitecoatseo.uk
• Contact us by post at:
White Coat SEO LTD
Apartment 34, Arosa Court
419 Wilmslow Road, Withington, Greater Manchester, M20 4LZ
United Kingdom

────────────────────────────
15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on applicable laws in your country or US state, you may have the right to: • Request access to the personal information we hold about you
• Request details about how we have processed your information
• Correct inaccuracies in your data
• Request deletion of your personal information
• Withdraw your consent to our processing (where processing is based on consent)

To make such a request, please fill out and submit a data subject access request (link provided online) or contact us using the details above.

────────────────────────────
Additional Notes on Exercising Your Rights

• If you use an authorised agent to make a request, we may require additional verification of their authority.
• If you are not satisfied with our response, you may appeal our decision by emailing us at james@whitecoatseo.uk.
• In certain regions (such as California), additional rights exist under state laws like the “Shine The Light” law.

For UK residents, please note that we have appointed James Davidson as our UK representative for privacy matters.