Privacy Policy

Last updated:

Vedrly (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our website at https://vedrly.com and our monitoring platform and services (collectively, the “Service”).

By accessing or using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

This Policy applies to personal data we process as a data controller (e.g., your account information) and as a data processor (e.g., monitoring data and Google Search Console data from websites you configure).

Vedrly is operated by Khalid Assefiani, based in Morocco.

1. Information We Collect

1.1 Personal Data You Provide

  • Account registration: name, email address, password, company name
  • Billing: payment details (processed securely by third-party providers; we do not store full card info)
  • Support/contact: messages, feedback, or inquiries
  • Configuration: alert destinations (e.g., email addresses, Slack/Telegram tokens)

1.2 Automatically Collected Data

  • Device & usage: IP address, browser type, OS, pages visited, time spent, referral source
  • Cookies & trackers: session cookies, analytics (Google Analytics or similar), preferences
  • Monitoring data: uptime/status metrics, performance logs, security scan results from sites you monitor

1.3 Customer Data (Processed on Your Behalf)

When you add websites/domains to monitor, we collect and process technical data solely to provide the Service. This is customer data — you remain the controller; we act as processor.

1.4 Google Search Console Data

When you connect your Google Search Console (GSC) account to Vedrly, we request and process the following data on your behalf:

  • Search performance data (impressions, clicks, click-through rate, average position)
  • Indexing status and errors
  • Sitemap information
  • URL inspection data

This data is used exclusively to generate white-label reports, performance insights, and SEO recommendations for you and your clients. You remain the data controller of your Google Search Console data; Vedrly acts only as a data processor.

Vedrly's use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, profiling, or resale.

1.5 Payment Information (Paddle)

When you make a purchase or subscribe to a paid plan, your payment is processed securely by Paddle, our payment processor. We do not store your full credit card details. Paddle collects and processes your billing information (including name, email, address, and payment details) to complete the transaction and manage your subscription.

By subscribing, you consent to Paddle processing your payment data in accordance with their Privacy Policy.

Billing, subscriptions, and refunds are managed by Paddle. For more information about billing terms, please refer to our Terms of Service.

1.6 AI Processing of Data

To provide intelligent SEO insights and automated client reports, Vedrly processes certain Google Search Console data (such as impressions, clicks, CTR, average position, and queries) using third-party artificial intelligence services, including OpenRouter.

This data is shared only for the following purposes:

  • Generating personalized SEO insights and recommendations
  • Summarizing performance trends
  • Producing human-readable white-label reports

We do NOT use this data for:

  • Advertising or marketing
  • User profiling
  • Training general AI models
  • Resale, data brokerage, or any other commercial purpose

All data is transmitted securely (HTTPS) and is processed under strict contractual agreements with our AI providers. These providers are contractually prohibited from using the data for any purpose other than providing the service to Vedrly.

Vedrly fully complies with Google’s API Services User Data Policy, including the Limited Use requirements. We only use and transfer Google user data to provide or improve user-facing features that are prominent in the Vedrly application.

Users can revoke access to their Google Search Console data at any time via their Google Account settings.

2. How We Use Your Information

  • Provide, maintain, and improve the Service (dashboards, reports, alerts)
  • Generate white-label SEO and performance reports using Google Search Console data
  • Authenticate accounts and prevent unauthorized access
  • Process subscriptions and payments
  • Send alerts/notifications based on your settings
  • Analyze usage to enhance features and performance
  • Comply with legal obligations
  • Detect, prevent, and investigate fraud, abuse, or security incidents

3. Cookies and Tracking Technologies

We use cookies, beacons, and similar technologies for essential functions, analytics, and preferences. You can manage preferences via our cookie banner or browser settings.

Third-party analytics (e.g., Google Analytics) may collect anonymized data. We do not use data for targeted advertising.

4. Sharing Your Information

We share data only as necessary:

  • Service providers/subprocessors: hosting, payment processors (Paddle), AI processing providers (used solely for generating insights and reports), alert services (Slack, Telegram), and Google APIs (for Search Console integration)
  • Legal requirements: subpoenas, court orders, or to protect rights/safety
  • Business transfers: in mergers, acquisitions, or asset sales

We do not sell personal data or Google Search Console data. All subprocessors are bound by strict data processing agreements.

A Data Processing Agreement (DPA) is available upon request for customers who require it.

5. International Data Transfers

Data may be transferred to and processed in countries outside Morocco/EU (e.g., US-based cloud providers). We use appropriate safeguards (e.g., Standard Contractual Clauses) to protect transfers under GDPR.

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS), access controls, and secure infrastructure practices. However, no system is completely secure.

7. Data Retention

We retain personal data only as long as necessary to provide the Service. We delete or anonymize personal data within 30 days after account deletion, unless a longer retention period is required by law.

Google Search Console data is deleted immediately when you revoke access or remove your account from Vedrly.

8. Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete your data, or revoke access to your Google Search Console data at any time.

You can revoke Google Search Console access directly from your Google Account Permissions page or from within Vedrly.

Contact support@vedrly.com to exercise your rights.

9. Children's Privacy

The Service is not directed to children under 13 (or 16 where required by local law). We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Policy. Significant changes will be notified via email or in-app notice. Continued use constitutes acceptance.