Semrush
Privacy Policy
This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information, when you use the Services.
This Privacy Policy is subject to the Terms of Service, available for review here.
If you see an undefined term in this Privacy Policy, it has the same definition as in our Terms of Service.
CONTENT- INTRODUCTION
- WHO WE ARE?
- WHAT PERSONAL DATA AND FROM WHICH SOURCES WE COLLECT?
- HOW DO WE USE THE COLLECTED INFORMATION?
- DO WE SHARE PERSONAL DATA WITH OTHERS?
- DO WE TRANSFER PERSONAL DATA TO COUNTRIES OUTSIDE THE EEA?
- HOW LONG DO WE STORE YOUR PERSONAL DATA?
- WHAT ARE YOUR RIGHTS UNDER APPLICABLE DATA PROTECTION LAWS?
- OTHER IMPORTANT INFORMATION
- HOW IS YOUR PERSONAL DATA SECURED?
- OUR POLICY TOWARDS CHILDREN
- CHANGES
- CONTACT US
- INTRODUCTION
We appreciate the trust you place in us when sharing your personal data. The security of that data is very important to us. In this document, we will explain how we collect, use and protect your personal data.
We will also explain what rights you have with regards to your personal data and how you can exercise those rights.
- WHO WE ARE?
SEMrush Inc., a Delaware corporation with its principal place of business at 800 Boylston Street, Suite 2475, Boston, MA 02199, USA (hereinafter also “Semrush”, “we”, “us”) is the data controller in respect of your personal data we collect and process about you.
We determine how and why your personal data is processed within Semrush Group of companies.
Semrush and its affiliated companies:
- SEMrush Holdings, Inc.
- SEMRUSH CY LTD;
- SEMRUSH RU LTD;
- SEMRUSH SM LTD;
- Semrush CZ s.r.o.
will be referred to collectively as the “Group of companies”.
If you have questions about how we process personal data, or would like to exercise your data subject rights, please email us at gdpr@semrush.com. If you contact us via email, please note that the communication is not automatically encrypted.
- WHAT PERSONAL DATA AND FROM WHICH SOURCES DO WE COLLECT?
The personal data we may collect about the users of our Services are described in detail below.
In summary, we may collect:
- Information you provide us while using our Services,
- Information you provide us while using some tools in our Services,
- Automatically collected information about your use of our Services or tools,
- Information you provide us while using our Blog, Public Profile or another Website content,
- Information provided or collected for marketing purposes.
- Information you provide us while using our Services
- Information that is necessary for the use of the Services.
We ask for and collect the following personal information about you when you use the Services:
- Account Information. When you sign up for the Services you create a user account ("Semrush Account"), we require certain information such as your email address.
- Payment Information. To use certain features of the Services (Paid Services) we require you to provide certain financial information (like your bank account or credit card information) in order to facilitate the processing of payment. In order to provide you a possibility to pay the Service, we have indicated in the input screens on our Website the respective input fields you are required to complete in order to complete payment for the Paid Services.
- Identity Verification and Other Information. In some cases (for example if you request to refund fees you paid) we may ask to provide us the following information: your billing information (name, transaction ID, last 4 digits of the credit card associated with the account, billing date, etc.), email address, login name. We also may require to provide us with identity verification information (such as images of your passport, national ID card) or other authentication information in order to verify your identity, provide the Paid Services to you, and to comply with applicable law.
- You may provide us with the following information:
You may choose to provide us with additional personal information in order to obtain a better user experience when using the Services. This additional information will be processed based on your consent. You will see the respective notice (including request for granting us with your consent) before the data is being provided.
- Additional Profile Information. You may choose to provide additional information as part of your Semrush Account (such as your job title, name of your employer, phone number (except when we require your phone number to use promo code by you or when you must insert the phone number when you use our Paid Services)).
- Additional Payment Information. You may choose to provide additional information such as your VAT, additional billing address or name of the entity that you represent.
- Information you provide through our support channels. The Services also include customer support, where you may send any question regarding the Services. If you speak to one of our representatives directly, by email or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem and any other information that would be helpful in resolving the issue.
- Information you provide through our landing pages. If you would like to you can leave the information (such as your name, email, phone number or any comment you would like to) on our Website to provide your feedback, request information about our Services, etc.
- Information that is necessary for the use of the Services.
- Information you provide us while using some tools in our Services
Some of our tools may require to provide us with additional information (for example if the tool allow you to integrate your social media account with the tool). Such kind of integration can be made at your own discretion. You will receive respective notice (including request for your consent) before the integration is realized.
Below are specified some types of integrations with our tools which you can make.
- Mailbox integration
Mailbox integration means an integration of Semrush tools with Gmail and/or Microsoft (Outlook, Exchange Online, Office365) accounts (jointly and individually referred to as “Mailbox account”) via API. Some of our tools may ask your permission to integrate your Mailbox account with.
In order to enhance your removal requests or outreach emails experience for your productivity and monitoring purposes you can grant us access to your Mailbox account via API only if you voluntarily decide to give us the permission to integrate our tools with your mail account and to choose which email account you would like to connect with our tools.
Due to this integration:
- you will be able to compose, send, read and process outreach email via a tool’s interface;
- you will be able to send removal requests regarding backlink(s) which looks unnatural or harmful via a tool’s interface;
- we will provide you with the information related to your emails sent via tool’s interface. We will show you if your emails were received, opened, if there any replies to your emails. We will demonstrate you replies to your email via our tool interface.
After the integration we will be able to store in our database in the encrypted way the following information related only to outreach emails sent by you via tool interface:
- Initial email’s subject and body text;
- Replies email’s subject and body text;
- API token;
- Thread and message ids;
- Recipient(s) and sender of emails;
- Metadata: time/day of email sending, delivering, opening, replying, email status.
Notwithstanding anything herein to the contrary, we will use the data received via Mailbox integration only to provide you with the features mentioned above in order to enhance your email experience for productivity purposes and for monitoring purposes. We may also transfer data received via Mailbox integration as necessary to comply with applicable law or as a part of a merger, acquisition, or sale of assets with notice to users. All other transfers or sales of the user data received via Mailbox integration are prohibited.
We will not use the data received via Mailbox integration for any other purposes except providing you with services inside of our tools, specifically we will not use the data received via Mailbox integration for any advertising purposes, including retargeting, personalized or internet-based advertising.
All the data received via Mailbox integration will be processed only at the software level.
We will allow a person to read the data received via Mailbox integration only if:
- You first give us affirmative agreement for specific messages;
- It is necessary for security purposes (such as investigating a bug or abuse);
- It is necessary to comply with applicable law; or
- Our use is limited to internal operations and the data received via Mailbox integration (including derivations) have been aggregated and truly anonymized.
You can revoke your permission and access to your Mailbox account at any time by clicking the “bin” icon next to the mailbox mention inside the tool. You can delete all your previous emails available due to the integration by deleting the project in the tool during the revocation process, or sending us the relevant request. As soon as you revoke the access, we will remove your Mailbox token which allowed us to carry out the functions mentioned above and stop monitoring your emails immediately.
For the purposes of this clause the data received via Mailbox integration means the raw data, aggregated data, anonymized data or derived data.
In a case of any conflict between the terms of this clause and terms of the Privacy Policy, the provisions of the clause 3.2.1. Mailbox integrations regarding the data received via Mailbox integration shall prevail.
- Social media
Some of our Services may require providing an access to your profile in social networks (such as Facebook, Twitter, LinkedIn, etc.). You will see the respective notice (including request for your consent) before the access is being provided. You are the only person who decides if you would like to provide this access. You can revoke this access in your social network’s profile any time.
- Marketing Calendar
If you use the tool Marketing Calendar inside the Services you can share with any person who is Semrush user all information from your Marketing Calendar at your sole discretion including any information you’ve inserted in the Marketing Calendar.
- Google Analytics and Google Search Console
You can integrate the Services with your Google Analytics or Google Search Console and provide us with the information from your Google Analytics or Google Search Console accounts. You will see the respective notice (including request for your consent) before the access is being provided. You are the only person who decides if you would like to provide this access. You can revoke this access any time.
- Social Media Tracker
Semrush uses YouTube API Services within its Social Media Tracker tool. Therefore, if you are using Social Media Tracker within the Services, you are agreeing to be bound by YouTube’s General Terms of Service ( https://www.youtube.com/t/terms) and Google’s Privacy Policy ( https://policies.google.com/privacy?hl=en). In addition to normal procedure for deleting stored data, you can revoke access to your data collected by Google via Google security settings page at https://myaccount.google.com/permissions?pli=1.
- Site Audit
In order to provide an audit of the website we will ask you provide the information which will provide us access to the private part of your website (username and password).
- LeadGen
While using this tool, you will be given a script that collects email addresses (provided voluntarily) of your customers for the opportunity to receive a free audit of the website.
You warrant and confirm that you have obtained a valid consent of your customers including the sharing of their personal details with us for the purpose of provision of our website audit services on behalf of you.
- Third party’s personal information
Some of our Services can give you an opportunity for example to send a report to any person you would like to. If you provide us with the personal data of any third party (such as email) you grant us a right to process the personal data of this person and you warrant that you have a correspondent permission from this person.
Third person will receive the notice about the source of his/her contact and will be asked for the consent before we start to use the third party’s personal data for the given purpose.
- Mailbox integration
-
Automatically collected information about your use of our Services or tools
When you use the Services, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary for the adequate performance of the contract between you and us, to enable us to comply with legal obligations and given our legitimate interest in being able to provide and improve the functionalities of the Services.
- Device and Connection Information. We collect information about your computer or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP registered address, IP address of your log in, URLs of referring/exit pages, your timezone and your language preferences. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience and to fulfil our legal and fiscal obligations. You can change the information about your country in your Semrush Account.
- Cookies and Similar Technologies. We use on our Website cookies and other similar technologies (including marketing/advertising tags and pixels). For more information on our use of these technologies, see our Cookie Policy. You will receive the notice about our use of the Cookies and similar technologies during your first visit of Semrush web. You may adjust or block our use of them in your respective browser settings.
- Payment Transaction Information. Semrush may collect information related to your payment transactions through the Services, including the product name, type of payment instrument used, date and time, payment amount, tax amount, credit card number, credit card expiration date, card holder name (if provided), card verification value/code and billing details: first name, last name, phone, address, country, state, city, postal code, and other details connected with transactions.
- Third-Party Widgets. Some of our Services contain widgets and social media features, such as the Facebook button. You are the only person who decides if you would like to press this button and share your personal data with the respective third-party operators of widgets or social media. These widgets and features collect your IP address, the information about the page you are visiting during your use of the Services, and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it and we recommend to you to read them prior to sharing your data with such third parties.
- Conversion Tags. If you reach our website via our partner’s Reference Link
as described in our
Affiliate program,
we may use conversion tags, provided by
Conversant LLC
(“CJ Conversion Tags”), for the purposes of correct attribution of our partner’s
marketing activity and the performance of our
Affiliate program.
You will receive the notice about our use of the Cookies and similar technologies during your first visit of our partner’s web including request for your consent with use of Conversion Tags. You are the only person who decides if you would like to provide this permission. You can revoke your permission any time.
CJ Conversion Tags collect the following data of the order and/or the form completed on our website.
- unique order ID;
- quantity of each product purchased;
- price of each product purchased;
- currency of the transaction;
- discount amount (if any);
- coupon code used (if any);
- marketing channel the sale is attributed to and a last click timestamp;
- dynamic CJ event click token captured on landing page URL.
The processing of such data is also subject to Conversant Privacy Policy. You can revoke your permission to process the data for the purposes described above by sending an e-mail to gdpr@semrush.com.
- Tracking Pixels and similar technologies. We and our third party partners
may use other, similar technologies from time to time, like web beacons, pixels and other
tracking technologies. These are tiny graphics files that contain a unique identifier that
enable us to recognise when someone has visited our Websites or, in the case of web beacons,
opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic
patterns of users from one page within our Websites to another, to deliver or communicate
with cookies, to understand whether you have come to our Websites from an online
advertisement displayed on a third-party website, to serve targeted advertisements to you
and others like you, to improve site performance, and to measure the success of marketing
campaigns.
When using e-mail tracking pixels technology, the following information is automatically collected and processed:
- userID - mail recipient identifier (ID of Semrush User);
- eventCategory - category of event (always ‘product_email');
- eventAction - type of event: send (if e-mail is sent), open (if e-mail is opened);
- eventLabel - mail template identifier;
While you may not have the ability to specifically reject or disable these tracking technologies, in many instances, these technologies are reliant on cookies to function properly; accordingly, in those instances, declining cookies will impair functioning of these technologies. For more information on our use of these technologies, see our Cookie Policy.
- Information you provide us while using our Blog,
Public Profile or another Website content
If you use our Blog or another content or would like to participate in our webinars we can ask you to provide us with some information (such as your name, job title, your photo or other information).
By posting any information on our website you acknowledge and agree that the data you fill in during the subscription process on our website or any time later creates your public profile (hereinafter "Public Profile"). You acknowledge and agree that the information that you provide in your Public Profile would be visible to the others. You can change the information in your Public Profile whenever you want.
- Information provided or collected for marketing purposes
If you use our Services, we are entitled, based on our legitimate interest, to use your identification and contact details (in particular, your name and surname, job title, company, telephone number, e-mail) and information about your use of our Services for reaching the current or potential customers by direct marketing or thorough advertising campaigns on social networks including creation of Lookalike Audience on Facebook or similar type of marketing campaigns.
If you participate in events and conferences organized by us we can ask you for granting the consent with the processing of your personal data (in particular, your identification and contact data fill in the respective form of registration and information about your interests in the Services and participation in our events).
- HOW DO WE USE THE COLLECTED INFORMATION?
We use, store, and process information, including personal information, about you for the following purposes:
- to provide, improve, and develop the Services,
- to create and maintain a trusted and safer environment,
- to provide, personalize, and improve our advertising and marketing,
- to provide and secure paid Services, and
- to comply with our legal obligations.
- To provide, improve, and develop the Services.
- Enable you to access and use the Services.
- Operate, protect, improve, and optimize the Services and experience, such as by performing analytics and conducting research. Subject to our contract with you we process this information either manually or by computer.
- Provide customer service: to resolve technical issues you meet, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.
- Send you service or support messages, updates, security alerts, and account notifications.
- If you provide us with your contacts’ information, we may process this information: (i) for fraud detection and prevention, and (ii) for any purpose you authorize at the time of collection.
We process this information given our legitimate interest in improving the Services, and where it is necessary for the adequate performance of the contract with you.
- To create and maintain a trusted and safer environment.
- Detect and prevent fraud, spam, abuse, security incidents, and other harmful activity.
- Conduct security investigations and risk assessments.
- Verify or authenticate information or identifications provided by you (such as to verify your ID).
- Comply with our legal obligations.
- Resolve any disputes and enforce our agreements with third parties.
- Enforce our Terms of Service and other policies.
We process this information given our legitimate interest in protecting the Services, to measure the adequate performance of our contract with you, and to comply with applicable laws.
-
To provide, personalize, and improve our advertising and marketing.
- Send you promotional messages, marketing, advertising, and other information that may be interesting to you based on your preferences (including information about Semrush campaigns and services) and social media advertising through social media platforms (such as Facebook or Google).
- Personalize, measure, and improve our advertising.
We will process your personal information for the purposes listed in this section based on your consent by way of cookies and web beacons while you are visiting the Website and use our Services in accordance with this Privacy Policy.
You will receive marketing communications from us if you’ve given us the consent. You can opt-out of receiving marketing communications from us by following the unsubscribe instructions included in our marketing communications or changing your notification settings within your Semrush Account.
If you are already our customer/user of our Services, see please also point 3.5 above in respective of additional information on the use of your personal data for marketing campaigns.
- To provide and secure Paid Services.
- Enable you to access and use the Paid Services.
- Detect and prevent fraud, abuse, security incidents, and other harmful activity.
- Conduct security investigations and risk assessments.
- Comply with legal obligations (such as anti-money laundering regulations).
- Enforce payment policies.
We process this information given our legitimate interest in improving the Paid Services, and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
- Automated individual decision-making
Semrush does not carry out the processing under Article 22(1) of the GDPR: You will not be subject to a decision adopted by Semrush based solely on automated processing of your personal data, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- DO WE SHARE PERSONAL DATA WITH OTHERS?
In the context of the data processing above and the respective legal bases given (contract performance, legitimate interests, consent or processing obligations under law), your data may be passed on to the following categories of recipients:
- Group of companies
Your personal data can be shared by Semrush across the Group of companies (members of Group of companies are mentioned above in point 2). If your personal data is shared, this is done provided that there is a need for knowledge of this data and this data is shared only with selected employees of Group of companies for fulfilment of their working tasks.
Access rights between members of the Group of companies are limited and we only grant them if the person needs to know the relevant data on the basis of his or her job or job responsibilities, and the authorized employees are bound by the confidentiality obligation.
- Service Providers
Semrush uses external service providers as payment service providers; service providers providing conduct background or police checks, fraud prevention, and risk assessment, perform product development, maintenance and debugging, newsletter dispatch, analysis of information etc. In order to fulfil their obligations, Semrush must transfer certain data to them or service providers have to process certain data.
Semrush also use external providers of IT infrastructure to store and process your personal data.
All external service providers are checked by Semrush and provide sufficient guarantees regarding the confidentiality and security of your data. With all of these providers Semrush has concluded written data privacy agreement where the providers have undertaken to protect personal data and to comply with Semrush 's privacy standards.
- Social networking websites
Where permissible according to applicable law we may use certain limited personal information about you, such as your email address, to hash it and to share it with social network websites, such as Facebook or Google, to generate leads, drive traffic to our websites or otherwise promote our products or Services. These processing activities are based on our legitimate interest in undertaking marketing activities to offer you products or services that may be interesting to you.
The social network websites with which we may share your personal data are not controlled or supervised by us. Therefore, any questions regarding how your social network websites service provider processes your personal data should be directed to such provider.
Please note that you may, at any time ask Semrush to cease processing your data for these direct marketing purposes by sending an e-mail to gdpr@semrush.com.
- Other third parties
In certain circumstances, we share and/or are obliged to share your personal data with third parties outside the Group of companies or services providers, for the purposes described above and in accordance with the data protection laws.
These third parties include, in particular:
- administrative and similar authorities (tax authorities);
- financial institutions (banks, insurance companies);
- business partners (with your previous consent or based on our legitimate interests, eg. in case of merger or similar corporate transactions),
- our external advisors.
- Group of companies
- DO WE TRANSFER PERSONAL DATA TO COUNTRIES OUTSIDE THE EEA?
We also transfer your personal data we process to a country outside the European Economic Area (”EEA”), for example, when any company from Group of companies is located outside the EEA or when one of our service providers use staff or equipment based outside the EEA.
We have put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights, e.g. we establish an adequate level of data protection through EU Standard Contractual Clauses based on the EU commission’s model clauses.
Information on EU standard contractual clauses is available here on the European Union website. If you would like to have information in detail, please contact us at gdpr@semrush.com.
- HOW LONG DO WE STORE YOUR PERSONAL DATA?
Your personal data will be deleted as soon as they are no longer necessary for the stated purposes. However, we must sometimes continue to store your data until the retention periods and deadlines set by the legislator or supervisory authorities expire. We may also retain your data until the statutory limitation periods have expired, provided that this is necessary for the establishment, exercise or defense of legal claims.
After that, the relevant data are routinely erased.
If you have any questions about specific retention periods, please contact us at gdpr@semrush.com.
- WHAT ARE YOUR RIGHTS UNDER APPLICABLE DATA PROTECTION LAWS?
Under the stipulated conditions, you can exercise all of the rights listed below, which are granted to you by legislation on the protection of personal data, in particular the General Data Protection Regulation (GDPR):
- You have the right to request access to your personal data and the right of provision of further information on the processing of your personal data.
- You have right to rectification of inaccurate or incomplete persona data.
- You have right to obtain your personal data and transfer your data to another controller (data portability).
- You have right to delete your personal data.
- You also have the right to object to the processing of your personal data and to have the processing of your personal data restricted.
- In particular, you have an unconditional right to object to the processing of your personal data for direct marketing purposes.
- If processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent. You may withdraw your consent by contacting us at gdpr@semrush.com.
- You also have the right to lodge a complaint with a respective supervisory authority pursuant to Art. 77 GDPR (in particular in the country of your residence, place of work or of an alleged infringement of the GDPR).
The lead supervisory authority for Semrush appointed in line with Art. 56 of the GDPR is:
Commissioner for the Protection of Personal Data
1 Iasonos Street
2nd Floor
1082 Nicosia, Cyprushttp://www.dataprotection.gov.cy
There may be conditions or limitations on these rights; it depends on the specific circumstances of the processing activity.
You can take steps to exercise your rights by contacting us at any time at gdpr@semrush.com.
We will usually respond to all your request for the exercise of your above rights within one month of receipt of your request. If we will need more time handle your request, we will inform you about this within the same period.
- OTHER IMPORTANT INFORMATION
The following systems are also used on the Website:
- Google Analytics
Semrush website uses Google Analytics, a web analysis service of Google Ireland Limited, (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). The use includes the "Universal Analytics" operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user's activities across devices.
Google Analytics uses "cookies", which are text files placed on your computer, to allow the website operator to analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use. Our legitimate interest in data processing also lies in these purposes. Sessions and campaigns are terminated after a certain period of time. By default, sessions are closed after 30 minutes without activity and campaigns after six months.
The time limit for campaigns may not exceed two years. For more information on Terms of Service and data protection, please visit https://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en .
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the Browser Add-on.
- Analyzing your communications
We may review, scan, or analyze your communications on the Services for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. For example, as part of our fraud prevention efforts, we scan and analyze messages to mask contact information and references to other websites. In some cases, we may also scan, review, or analyze messages to debug, improve, and expand product offerings. We use automated methods where reasonably possible. However, occasionally we may need to manually review some communications, such as for fraud investigations and customer support, or to assess and improve the functionality of these automated tools. We will not review, scan, or analyze your communications to send third party marketing messages to you, and we will not sell reviews or analyses of these communications.
These activities are carried out based on our legitimate interest in ensuring compliance with applicable laws and our Terms of Service, preventing fraud, promoting safety, and improving and ensuring the adequate performance of the Services.
- Google Analytics
- HOW IS YOUR PERSONAL DATA SECURED?
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are as follows:
- Limited access to the production database at the network level
- Limited access to the production database at the process/users level
- Password policy for access to the production database
- Data transfer encryption
- Data encryption in the database (for card data and authentication credentials)
- WAF (Web Application Firewall)
- DDoS protection
- Internal password change policies
- PCI DSS level 1 compliance
- Logging of actions and log analysis
- Antiviruses on admins workstations
We use industry standard algorithms (AES, PGP and others) for encryption of personal data. As well as full-disk encryption, databases encryption and encryption of special personal data (payment card details for PCI DSS compliance).
We have policies and procedures to keep encryption keys secure, and generate new keys when necessary to do so.
If you know or suppose that your Personal Data have been lost, stolen, misappropriated, or otherwise compromised or in case of any actual or suspected unauthorized use of your Semrush Account, please contact us by email at gdpr@semrush.com.
- OUR POLICY TOWARDS CHILDREN
The Services are not directed to individuals under 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support services.
- CHANGES
We reserve the right to change this Privacy Policy at any time in accordance with this clause. If we make changes to this Privacy Policy, we will post the updated Privacy Policy at our website and will indicate the date of updating.
- CONTACT US
If you have any questions or complaints about this Privacy Policy, you may contact us by email at gdpr@semrush.com.
Effective Date: March 17, 2020