Overview
This Privacy Policy applies to the website, account area, checkout, order management, support communication, and related tools operated under the Backlinks.expert brand.
We process personal data only when there is a lawful reason, such as providing services you request, securing the platform, processing payments, measuring performance, and meeting legal obligations.
This policy is written to be transparent and practical. It explains exactly what is collected, what is shared, and how you can exercise privacy rights.
1. Data controller and contact
Backlinks.expert is the controller of personal data processed through this platform, unless a specific process clearly states that another party acts as controller.
For privacy requests, account data questions, or data subject rights requests, contact us at [email protected].
2. Scope of this policy
This policy applies to website visitors, users creating an account, customers placing orders, affiliate users, and anyone communicating with us by email or support channels.
It also applies to the processing of technical data created while using our website, such as logs, security events, and anti-abuse signals.
3. Categories of data we collect
Account and identity data can include your email address, account name, authentication provider identifiers, referral code, and account role information.
Commercial data can include cart data, selected placements, campaign details, target URLs, anchor text, order status, pricing, invoices, and payment confirmations.
Support and communication data can include messages sent through platform forms or email, plus related conversation history needed to resolve your request.
Technical and security data can include IP address, browser and device details, request metadata, session and cookie values, anti-fraud signals, and server-side logs.
Where files are uploaded for order execution, we process file metadata and file content needed to deliver the service.
4. How we collect data
We collect data directly from you when you register, sign in, place orders, fill forms, upload materials, subscribe to updates, or contact support.
We collect data automatically from your browser and device through cookies, session mechanisms, security checks, and analytics tooling used on the platform.
We also receive limited data from integrated providers such as payment, authentication, anti-spam, analytics, advertising, and email service providers.
5. Account access and authentication
You can access Backlinks.expert through email magic links and, where enabled, with Google Sign in. For Google Sign in, we process identity data returned by Google such as account email, Google account identifier, and profile name.
Authentication and account security are protected by server-side validation, rate limiting, session controls, and abuse prevention safeguards.
6. Order processing and service delivery
We process campaign and order details to deliver purchased services, including guest posts, link insertions, and related order options selected during checkout.
We use provided campaign inputs, URLs, anchors, and publication requirements to execute your order and provide status updates.
When a content-related add-on is selected, we process the related brief and may deliver draft content and revisions through email or account communication channels.
7. Payments, invoicing, and billing records
Online payments are processed through Stripe. Card details are handled by Stripe and are not stored as raw card numbers on Backlinks.expert servers.
We receive and process payment metadata required for order fulfillment and accounting, such as payment status, payment identifier, amount, currency, and timestamp.
Billing and invoice data may be retained for statutory tax and accounting obligations.
8. Email communication and subscriber tools
We send transactional emails needed to operate your account and orders, for example account access, payment, and order status messages.
Where enabled, we may use MailerLite for subscriber list operations and campaign communication. You can unsubscribe from marketing emails at any time using the unsubscribe option included in the message.
Operational and legal communications may still be sent when necessary to provide the service or comply with legal obligations.
9. Analytics, attribution, and advertising conversions
We use Google Tag Manager on the site to manage measurement and marketing scripts. Depending on configuration, this can include analytics tools and advertising measurement tags.
We preserve campaign attribution parameters such as UTM values to measure acquisition quality and campaign performance.
We may use LinkedIn conversion tracking mechanisms, including LinkedIn Conversions API, to measure events such as successful registration, add to cart, and successful purchase.
We may also use Meta Conversions API to measure key events such as account registration, add to cart, and successful paid orders for advertising attribution and campaign optimization.
For conversion matching where configured, we may send pseudonymized identifiers such as SHA-256 hashed
email and LinkedIn click identifiers like li_fat_id.
10. Cookies and similar technologies
We use essential cookies for session continuity, security, and core platform operations. We also use cookies for referral attribution and cart state continuity.
Cookies used by our own platform can include values such as be_referral_code,
and be_cart_snapshot.
Third-party tools loaded through our website may set their own cookies or similar identifiers. You can manage cookies through browser settings.
11. Legal bases for processing (GDPR and similar frameworks)
We process data on one or more legal bases, including contract necessity, legal obligation, legitimate interests, and consent where required by law.
Contract necessity covers account operation, checkout, payment processing, and order fulfillment. Legal obligation covers accounting, tax, and legal compliance duties.
Legitimate interests cover platform security, fraud prevention, service reliability, and business measurement. Consent is used where required and can be withdrawn for future processing.
12. Data sharing and categories of recipients
We share data with trusted processors only where needed to run the service. Typical categories include hosting and infrastructure providers, payment processors, authentication providers, anti-spam tools, email delivery providers, analytics providers, and customer communication services.
Based on active integrations, this can include providers such as Stripe, Google (OAuth, Tag Manager), LinkedIn conversion services, Meta conversion services, MailerLite, and cloud storage providers used for order files.
We do not sell personal data for money. We may disclose data where legally required, to enforce legal rights, or to protect platform security and users.
13. International data transfers
Some providers process data outside your country. Where required, we rely on lawful transfer mechanisms such as adequacy decisions, contractual safeguards, and supplementary controls.
We review transfer risks and provider safeguards as part of vendor management.
14. Data retention
We retain data only for as long as needed for the purposes described in this policy, including contractual, legal, accounting, dispute, and anti-fraud requirements.
Account data is generally retained while your account is active and for a reasonable period after closure. Transaction and invoice records may be retained for statutory periods. Security logs are retained for operational security and incident response needs.
Data that is no longer needed is deleted, anonymized, or irreversibly de-identified where appropriate.
15. Security measures
We apply technical and organizational safeguards designed to protect confidentiality, integrity, and availability of personal data. Measures include access controls, encrypted transport, logging, and service hardening.
No online service can guarantee absolute security. If we detect a data incident that triggers legal notification duties, we will act according to applicable law.
16. Your privacy rights
Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing, and in some cases receive a portable copy of your data.
You may request account deletion and linked data review by contacting [email protected]. We may need to verify your identity before processing sensitive requests.
If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.
17. Additional notice for US residents
If applicable US privacy laws grant specific rights, you may request to know what categories of personal information we collect, request deletion, or request correction of inaccurate information.
We do not sell personal information for monetary consideration. We will not discriminate against you for exercising legally protected privacy rights.
18. Children and minors
Backlinks.expert is a business platform and is not intended for children. We do not knowingly collect personal data from children under the age required by applicable law for valid consent.
If you believe a child submitted personal data to us, contact us and we will review and remove it where required.
19. Policy updates
We may update this policy to reflect legal, operational, product, or provider changes. The updated version is published on this page with a revised effective date.
Material changes may also be communicated through account or email notices where appropriate.
20. Contact and complaints
For any privacy matter, including rights requests, processing details, or complaints, contact [email protected].
We review every request and respond within the period required by applicable law.
Third-party privacy resources
You can review third-party policies directly at Google Privacy Policy, LinkedIn Privacy Policy, Stripe Privacy Policy, and MailerLite Privacy Policy.