Privacy Policy

Last updated: May 19, 2026

1. Data Controller

The controller of your personal data is:

Marketing Miner s.r.o.
Chelčického 95/15, České Budějovice 6, 370 01 České Budějovice, Czech Republic
Company ID: 06278990 · VAT ID: CZ06278990
Email: [email protected]

This policy applies to the „AI Viditelnost a SEO" (AI Visibility & SEO) add-on (“Service”) available at aividitelnost.cz.


2. Personal Data We Process

a) E‑shop Contact and Billing Information

Upon installation of the add-on, we obtain the official contact and billing information of your e‑shop from the Shoptet system, which we use for operating the Service, communication, billing, and support. The legal basis for this processing is performance of a contract (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f) GDPR), consisting in the necessity of this data for providing the Service.

b) Usage Data

We collect information about how you use the Service (pages viewed, features used, timestamps). This data is linked to your e‑shop account.

c) Order Data from Your E‑shop

To calculate aggregated business statistics (total revenue, average order value, conversion rate, revenue per category/product, etc.), we access your e‑shop order data through the Shoptet API.

The Shoptet API returns orders including personal data of end customers (name, email, address, phone number). We do not store, log, or transfer this personal data to third parties. It is processed exclusively temporarily in server memory (RAM), where we extract only the necessary business data (order price, date, product code, order status), and it is deleted immediately thereafter. We store only the resulting aggregated statistics, which contain no personal data of end customers.

The legal basis for this processing is legitimate interest (Art. 6(1)(f) GDPR) — as an e‑shop operator, you installed the add-on for the purpose of analyzing the business performance of your e‑shop.

In this context, we act as a processor. The processing terms are set out in Section 5 of our Terms of Service, which constitutes a data processing agreement under Art. 28 GDPR.


3. Data Obtained Through Google API

Marketing Miner s.r.o.'s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Connecting your Google account is optional. If you choose to connect your Google account, we will request access to the following permissions:

Scope What we use it for
openid, auth/userinfo.email Identifying your Google account within the Service
auth/webmasters.readonly Reading data from Google Search Console (website search performance)
auth/analytics.readonly Reading data from Google Analytics 4 (traffic and user behavior)

All permissions are read-only. We use data from Google API exclusively to provide user-facing features of the Service — specifically search performance dashboards, traffic analyses, SEO recommendations, and AI visibility overviews. Google data is stored on servers within the European Union (Amazon Web Services).

You can revoke access to your Google account at any time in the add-on settings or directly at Google at myaccount.google.com/permissions. After revoking access, we will stop obtaining new data. We do not retain raw Google API responses long-term — we store only aggregated statistics and recommendations derived from this data (e.g., historical performance charts, traffic trends) that are displayed in the Service interface. We retain this derived data for the duration of your use of the add-on and for a reasonable period after its uninstallation or revocation of access to your Google account. You may request deletion of this derived data at any time at [email protected].

Compliance with Google API Services User Data Policy

The use of information received from Google APIs is in compliance with the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  1. We use Google API data only to provide user-facing features that are visible to the user.
  2. We do not transfer Google data to third parties, except as necessary to provide user-facing features visible in the Service interface (including processing through third-party AI services for the purpose of generating recommendations), to comply with applicable laws, or as part of a merger, acquisition, or sale of assets (with prior user consent).
  3. We do not use Google data to serve ads, including retargeting, personalized advertising, or interest-based advertising.
  4. Human access to Google data is limited to cases necessary for security purposes, with the user’s explicit consent, in aggregated and anonymized form for internal operations, or as required by law.
  5. We do not use or retain Google data for the purpose of training, developing, or improving foundational AI/ML models.

Processing of Data Through Third-Party AI Services

To provide features of the Service — for example, personalized SEO recommendations and optimization suggestions — selected non-personal data from Google Search Console and Google Analytics 4 may be processed through third-party AI services.

We send only non-personal operational data to these services — typically page URLs, keywords, search performance metrics (rankings, CTR, impressions), traffic metrics, and similar business data. We do not send any personal data.

Data processed through AI services is used exclusively for generating personalized recommendations and analyses displayed directly in the Service user interface. It is not used for training, developing, or improving foundational AI/ML models.


4. Other Data We Process

The Service also processes data that does not constitute personal data under GDPR — specifically product and category data from the Shoptet API, aggregated business statistics calculated from orders (see Section 2c), authentication tokens, search engine ranking data, AI visibility data, and other data from our own sources and/or third parties.


5. Cookies

We use the following types of cookies:

  • Essential cookies — necessary for the Service to function (authentication, session management). These are set automatically.
  • Analytics cookies — help us understand how the Service is used (Google Analytics 4). These are set only with your consent.
  • Advertising cookies — used for ad targeting and remarketing (Google Ads, Meta Ads). These are set only with your consent.

You can change your preferences at any time.


6. Data Recipients

We may share data with the following categories of recipients:

Recipient Purpose Location
Amazon Web Services Hosting and data storage EU
Shoptet a.s. Platform integration, payment processing Czech Republic
Google Ireland Limited Web analytics, advertising EU (Ireland)
Meta Platforms Ireland Limited Advertising, remarketing EU (Ireland)
Third-party AI service providers AI processing — generating SEO recommendations and analyses from non-personal operational data EU / outside EU

We do not sell your data. Sharing data with advertising platforms is based on your consent.


7. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or alteration. All communication between your browser and our servers is encrypted using TLS. Access to data is restricted to authorized personnel only. Authentication tokens (including Google OAuth tokens) are stored in encrypted form. We regularly update and monitor our systems for security.


8. Data Transfers Outside the EU

Your data is primarily stored and processed within the European Union (Amazon Web Services). For AI processing purposes (generating recommendations), non-personal operational data (containing no personal data) may be temporarily processed by an AI service provider located outside the EU.


9. Data Retention

We retain your personal data (as an e-shop operator and our client) for the duration of your use of the Service. Aggregated business statistics (which contain no personal data) and other non-personal data of your e-shop (e.g. product, category, and page listings, and operational data generated by your activity in the add-on) are retained for the duration of your use of the Service. After uninstalling the add-on or upon your request, we will delete your personal data, aggregated statistics, and the above-mentioned non-personal data within a reasonable period, except where retention is required by law.


10. Your Rights

Under GDPR, you have the right to access, rectification, erasure, restriction of processing, data portability, objection to processing, and withdrawal of consent. To exercise these rights, contact us at [email protected]. We will respond within 30 days.


11. Changes to This Policy

We may update this policy from time to time. If changes affect the handling of Google data, we will request your renewed consent. The current version is always available at aividitelnost.cz/en/privacy-policy.


12. Supervisory Authority

You have the right to file a complaint with the Office for Personal Data Protection of the Czech Republic (www.uoou.cz) or with the supervisory authority in the EU member state of your habitual residence.