Skip to main content

Privacy Policy

Last updated: May 25, 2026

This Privacy Policy explains how Workflow.team (“we”, “us”, “our”, or the “Service”) collects, uses, stores, and protects information when you use our website, application, and related services.

Workflow.team is an SEO workflow and analytics platform designed to help users manage SEO projects, analyse search performance, work with content plans, monitor pages, backlinks, and connect data from third-party analytics and search platforms such as Google Analytics, Google Search Console, and Yandex Metrica.

By using the Service, you agree to the collection and use of information as described in this Privacy Policy.

1. Information we collect

We collect only the information that is necessary to provide, secure, maintain, and improve the Service.

1.1 Account information

When you create an account or use the Service, we may collect:

– your email address;
– your name or display name, if provided;
– login and authentication information;
– workspace, project, or team settings;
– billing-related information, if paid features are available.

1.2 SEO project data

When you use the Service, you may provide or generate SEO-related data, including:

– website URLs;
– page URLs;
– keyword groups and search queries;
– content plans and briefs;
– page statuses and SEO tasks;
– backlink or external link data;
– imported data from third-party SEO tools;
– notes, comments, and workflow history.

1.3 Data from connected third-party services

If you choose to connect third-party services, we may access data from those services based on the permissions you grant.

This may include data from:

– Google Analytics;
– Google Search Console;
– Yandex Metrica;
– other analytics, search, SEO, or reporting services that may be supported by the Service.

The exact data we access depends on the service you connect and the permissions you approve.

1.4 Google user data

If you connect your Google account, we may request access to Google APIs such as Google Analytics and Google Search Console.

Depending on the permissions you grant, we may access information such as:

– Google Analytics account, property, and view information;
– website traffic and engagement metrics;
– landing page and page performance data;
– Google Search Console sites and verified properties;
– search queries, clicks, impressions, CTR, and average position;
– page indexing and search performance data;
– related metadata required to display reports and connect your projects.

We request access only to the data needed to provide the SEO analytics, reporting, and workflow features of the Service.

1.5 Yandex Metrica data

If you connect Yandex Metrica, we may access information such as:

– counter IDs and counter settings;
– traffic reports;
– visit and session data;
– traffic sources;
– page performance data;
– search phrase data, where available;
– goal and conversion data, where available;
– related analytics data required to generate SEO and performance reports.

1.6 Technical and usage data

We may automatically collect technical information when you use the Service, such as:

– IP address;
– browser type and version;
– device type;
– operating system;
– pages visited within the Service;
– date and time of access;
– error logs;
– performance and diagnostic data;
– security logs.

This information is used to operate, secure, debug, and improve the Service.

1.7 Cookies and similar technologies

We may use cookies and similar technologies to:

– keep you signed in;
– remember your preferences;
– secure user sessions;
– analyse how the Service is used;
– improve performance and usability.

You can control cookies through your browser settings. Some parts of the Service may not work correctly if necessary cookies are disabled.

2. How we use your information

We use collected information to:

– provide and operate the Service;
– authenticate users and manage accounts;
– connect your SEO projects to analytics and search data sources;
– display reports, dashboards, charts, and performance metrics;
– help you manage keyword groups, pages, content workflows, and SEO tasks;
– import, process, and organise SEO-related data;
– monitor system performance and fix technical issues;
– protect the Service from abuse, fraud, and unauthorised access;
– respond to support requests;
– send important service-related notifications;
– improve existing features and develop new functionality;
– comply with legal obligations, if applicable.

3. How we use data from Google APIs

The Service uses Google API data only to provide user-facing SEO analytics, reporting, and workflow functionality.

We may use Google API data to:

– show Google Analytics reports inside the Service;
– show Google Search Console reports inside the Service;
– connect Google properties to user projects;
– calculate SEO performance metrics;
– help users analyse search queries, landing pages, clicks, impressions, CTR, and average position;
– generate dashboards and reports requested by users;
– support SEO workflows connected to pages, keyword groups, and content tasks.

We do not use Google API data for unrelated purposes.

4. Google API Services User Data Policy and Limited Use

Workflow.team’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular:

– we only use Google user data to provide or improve user-facing features that are prominent in the Service;
– we do not sell Google user data;
– we do not use Google user data for advertising;
– we do not use Google user data to build advertising profiles;
– we do not allow humans to read Google user data unless it is necessary for security, legal compliance, support requested by the user, or with the user’s explicit permission;
– we do not transfer Google user data to third parties except as necessary to provide or improve the Service, comply with applicable law, protect against security threats, or as part of a user-directed action;
– we do not use Google user data to train generalized artificial intelligence or machine learning models.

5. How we share information

We do not sell your personal information or connected analytics data.

We may share limited information only in the following situations:

5.1 Service providers

We may use trusted service providers to help operate the Service, such as hosting providers, database providers, analytics infrastructure, authentication tools, payment processors, and email delivery services.

These providers may process information only as needed to provide services to us and must protect it appropriately.

5.2 User-directed actions

We may share or export information when you instruct us to do so, for example when you:

– invite a team member;
– export a report;
– connect an integration;
– share a public or private link;
– send data to another tool or service.

5.3 Legal and security reasons

We may disclose information if we believe it is necessary to:

– comply with applicable law or legal process;
– enforce our Terms of Service;
– protect the rights, property, or safety of users, the Service, or others;
– investigate fraud, abuse, security incidents, or technical issues.

5.4 Business changes

If the Service is involved in a merger, acquisition, reorganisation, or sale of assets, user information may be transferred as part of that transaction. If this happens, we will take reasonable steps to ensure continued protection of your information.

6. Data storage and security

We use reasonable technical and organisational measures to protect information against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include:

– encrypted connections;
– access controls;
– authentication and authorisation controls;
– secure storage of access tokens;
– logging and monitoring;
– regular maintenance and security updates;
– limiting access to data based on operational need.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to protect your data using commercially reasonable safeguards.

7. Access tokens and connected accounts

When you connect a third-party service such as Google Analytics, Google Search Console, or Yandex Metrica, the Service may store access tokens or refresh tokens required to maintain the connection.

We use these tokens only to access the data you have authorised.

You can disconnect integrations from within the Service, where this functionality is available. You may also revoke access directly through the third-party service provider, such as your Google Account permissions page or Yandex account settings.

8. Data retention

We retain information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, maintain security, and enforce agreements.

In general:

– account information is retained while your account is active;
– project and SEO workflow data is retained while you maintain it in the Service;
– connected third-party data may be stored or cached to provide reports and historical analysis;
– logs and diagnostic data may be retained for a limited period for security and maintenance;
– deleted data may remain in backups for a limited time before being removed according to backup retention processes.

You may request deletion of your account or project data by contacting us at a@suhov.media.

9. Your choices and rights

Depending on your location, you may have rights to:

– access the personal information we hold about you;
– correct inaccurate information;
– delete your information;
– restrict or object to certain processing;
– request a copy of your information;
– withdraw consent where processing is based on consent;
– disconnect third-party integrations.

To make a request, contact us at a@suhov.media.

We may need to verify your identity before fulfilling certain requests.

10. International data transfers

The Service may be operated using infrastructure located in different countries. By using the Service, you understand that your information may be processed and stored outside your country of residence.

Where required, we take reasonable steps to protect personal information in accordance with applicable data protection laws.

11. Children’s privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us at a@suhov.media, and we will take appropriate steps to delete it.

12. Third-party services

The Service may contain links to or integrations with third-party services. This Privacy Policy does not apply to third-party websites, applications, or services.

Your use of third-party services is governed by their own privacy policies and terms.

Relevant third-party services may include:

– Google Analytics;
– Google Search Console;
– Google OAuth;
– Yandex Metrica;
– payment providers;
– hosting and infrastructure providers;
– email and support tools.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify users, such as by updating the date at the top of this page or providing a notice within the Service.

Your continued use of the Service after changes become effective means that you accept the updated Privacy Policy.

14. Contact us

If you have questions about this Privacy Policy or how your data is handled, contact us at: a@suhov.media