This Privacy Policy explains how Creative Tech Solutions (“we”, “us”) collects, uses, and protects information when you use CTech Vega (the “Service”).
1. Information We Collect
Account information: name, email, hashed password, billing contact, and organization name.
Site connection data: website URLs, WordPress API credentials (encrypted at rest), Google Search Console OAuth tokens (encrypted), and SEO plugin information.
Crawled content: the public and authenticated content of sites you authorize — page titles, meta, body text, schema, internal links, and performance metrics.
Usage data: feature usage, login events, AI-call cost records, and error logs for security and support.
Payment data: processed by Paddle, our merchant of record. We do not store card numbers on our servers.
2. How We Use Information
- To operate the Service — crawl, analyze, generate suggestions, apply approved changes, track rankings.
- To provide customer support and communicate about your account.
- To process payments and prevent fraud.
- To monitor, debug, and improve the Service.
- To comply with legal obligations.
3. AI Processing
To generate SEO and GEO suggestions we send relevant page content (titles, meta, headings, body excerpts) to third-party AI providers — currently Google (Gemini) and Anthropic (Claude). These providers process the data to return suggestions and, per their current policies, do not train their foundation models on enterprise API traffic. We do not send billing information, passwords, or OAuth tokens to AI providers.
4. Third-Party Processors
- Paddle — payments, tax, and subscription management.
- Google Cloud (Gemini) — AI generation.
- Anthropic — AI generation (fallback).
- Google Search Console & PageSpeed Insights — ranking and performance data for sites you connect.
- Email provider — transactional email (account, billing, weekly reports).
- Cloud hosting provider — running the Service infrastructure.
5. Data Security
WordPress passwords and OAuth tokens are encrypted at rest using industry-standard encryption. Access to production systems is limited to authorized personnel and protected by strong authentication. We retain audit logs of significant system events.
6. Data Retention
Account and site data are retained while your subscription is active. On cancellation, we retain data for up to 30 days to allow account restoration, then delete or anonymize it unless we are required to retain it for legal, tax, or audit purposes. You can request earlier deletion via support.
7. Your Rights
Depending on your location, you may have the right to access, correct, export, or delete your personal data, to object to processing, and to lodge a complaint with a data-protection authority. To exercise these rights, email support@creativetech-solutions.com.
8. Cookies
We use strictly necessary cookies for authentication and session management. We do not use advertising or cross-site tracking cookies. Some third-party integrations (Google OAuth, Paddle checkout) may set their own cookies while in use.
9. Children
The Service is not intended for individuals under 18. We do not knowingly collect personal data from children.
10. International Transfers
Your data may be processed in countries other than your own, including the United States and the European Union, where our processors operate. Where required, we rely on appropriate transfer mechanisms such as Standard Contractual Clauses.
11. Changes to This Policy
We will post updates to this policy on this page and, for material changes, notify you by email or in-app notice at least 14 days before they take effect.
12. Contact
Questions or requests: support@creativetech-solutions.com.