Privacy policy

• Account data — email, hashed password (argon2id), organization name.
• Site & submission data — hostnames, URLs you submit, engine responses, error reasons.
• Operational telemetry — request timestamps, IP addresses (truncated after 30 days), user agents, and audit log entries.
• Billing identifiers — only when payments are wired up. We never store card numbers; the payment processor (Stripe) holds them.

• The contents of the pages whose URLs you submit.
• Tracking cookies on the marketing site.
• Third-party advertising identifiers.

To run the service: authenticate you, verify your sites, fan submissions out to search engines, deliver webhook callbacks, send transactional email, enforce quotas, and detect abuse. We do not sell your data and we do not share it with third-party advertisers.

We rely on a small number of vendors to run the service. The current list:

• Cloud hosting & DB — AWS (us-east-1).
• Transactional email — AWS SES.
• DNS & CDN — Cloudflare.
• Error monitoring — Sentry.

We notify customers at least 30 days before adding a new sub-processor that handles personal data.

Submission rows are kept for 13 months so you can run year-over-year comparisons. Audit log entries are kept for 24 months. Account data is retained until you delete the workspace; on deletion we wipe it within 30 days from active systems and within 90 days from backups.

You can export, correct, or delete your data at any time. Email support@betterindexnow.com and we’ll respond within 30 days. EU/UK customers have GDPR rights; California customers have CCPA rights. We honor both globally.

TLS in transit, argon2id for password hashing, per-row org isolation, server-side SSRF guards on every fetch we initiate, and a rotating audit log. Read more on our security overview.