// SEOWOLF Privacy Policy
Seowolf
Demographic Intelligence
// Legal & Policies

Privacy Policy

Last updated: 1 June 2025  ·  seowolf.org

Overview

Seowolf is committed to protecting your privacy. This Privacy Policy explains what information is collected when you use the Seowolf Demographic Checker, how it is used, and your rights in relation to it. We follow a minimal data philosophy: we collect only what is strictly necessary for the Service to function.

Short version: We do not store your name lists, we do not track you across sites, and we do not sell any data.

Information We Collect

When you use the Service, the following data may be processed:

  • Names submitted for analysis — processed transiently during your session and not persisted to any database after your session ends
  • Session data — a temporary server-side session is created to support CSRF protection, rate limiting, and caching of prediction results within your visit
  • IP address — used ephemerally for IP geolocation (to improve prediction accuracy) and rate limiting; not logged or stored beyond the current request
  • Standard server logs — your web server may log request metadata (IP, timestamp, HTTP method, path) as is standard for any web server; these logs are retained according to your hosting provider's policy

What We Do NOT Collect

  • No user accounts or registration
  • No persistent tracking cookies or advertising cookies
  • No third-party analytics scripts (Google Analytics, Facebook Pixel, etc.)
  • No name lists or analysis results stored in a database
  • No payment or financial information
  • No biometric or sensitive personal data

Session Data & Cookies

The Service uses a server-side PHP session to maintain state during your visit. This session stores:

  • A CSRF token to protect form submissions
  • Cached prediction results for names you have already queried (to avoid redundant external API calls)
  • Your detected country (from IP geolocation, if enabled) for contextual predictions
  • A rate-limit counter to prevent abuse

The session is identified by a cookie named PHPSESSID which is set as HttpOnly, SameSite=Strict, and Secure (on HTTPS). This cookie is deleted when you close your browser or when the server session expires (typically 24 minutes of inactivity). No tracking or advertising cookies are set.

Third-Party Services

The Service communicates with external prediction APIs to return demographic estimates. Name data (first names only, stripped of surnames and salutations) is transmitted to these services as part of the prediction process. These services have their own privacy policies which govern their data handling. We encourage you to review them:

  • Gender prediction service — processes first names to return gender probability
  • Age prediction service — processes first names to return estimated age
  • Nationality prediction service — processes first names to return nationality probability
  • Country data service — provides country metadata (region, language, currency); no personal data transmitted
  • IP geolocation service — processes your IP address to return a country estimate; see the service provider's privacy policy

We do not share full names, surnames, email addresses, or any other personal identifiers with any third party.

IP Geolocation

If IP geolocation is enabled, your IP address is sent to a geolocation provider to determine your approximate country. This is used solely to improve the accuracy of demographic predictions by providing regional context. The geolocation result (country name and code only) is stored in your server session for the duration of your visit and is not persisted. You may dismiss the GeoContext banner at any time to disable this feature for your session.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access — request a copy of personal data we hold about you
  • Right to erasure — request deletion of personal data
  • Right to object — object to certain types of processing
  • Right to portability — receive your data in a portable format

Given our minimal data collection approach, there is typically no persistent personal data to action. To exercise any right, contact us using the details in the Contact section below.

Data Retention

Session data is retained only for the duration of your browser session (or up to 24 minutes of server-side inactivity). No name data, analysis results, or IP geolocation data is retained after your session expires. Server access logs, if maintained by the hosting provider, are typically retained for 30–90 days.

Security

We implement reasonable technical measures to protect the Service, including CSRF tokens on all form submissions, rate limiting, session ID regeneration on first visit, HttpOnly and SameSite cookie attributes, and HTTP security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy). However, no internet transmission is completely secure, and we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be reflected by a revised date at the top of this page. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

Contact

For privacy-related enquiries, contact us via Instagram @seowolf_org or at seowolf.org. If you are located in the EU and believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority.