bloghealth.app

Privacy Policy

bloghealth.app — Effective date: 9 May 2026

1. Who we are

bloghealth.app is operated by Diving Escapades SARL-S, 8 rue de Merovingiens, Bertrange, Luxembourg L-8070. We are the data controller for the personal data collected through bloghealth.app.

If you have any questions about how we handle your data, contact us at blog.health.os@gmail.com.

2. What data we collect

We collect the following data when you use bloghealth.app:

  • Your name and email address, provided via Google sign-in (email and profile scopes)
  • Your Google profile information, including your name and profile picture, used only to create and display your account
  • Your website URL and sitemap, which you provide when adding your blog
  • Scan results generated by our crawler when analysing your website
  • Your usage data, such as scan history and app settings
  • Email preferences, such as your chosen scan frequency and alert settings
  • Google Analytics OAuth tokens and traffic data, including page views, sessions, engagement rate and traffic sources per post, retrieved using the analytics.readonly scope, if you choose to connect Google Analytics
  • Google Search Console OAuth tokens and search performance data, including clicks, impressions, click-through rate and average position per post, retrieved using the webmasters.readonly scope, if you choose to connect Search Console

3. How we use your data

We use your data to:

  • Create and manage your account
  • Scan your website and display your blog health results
  • Send you email alerts and digests if you have opted in
  • Contact you during the beta period to collect feedback on your experience
  • Improve the app based on how it is used
  • Communicate with you about your account or the beta programme
  • Sync traffic data from Google Analytics to display personalised insights alongside your blog health data
  • Sync search performance data from Google Search Console to provide rankings insights, quick win identification, and combined traffic analysis
  • Power Content Coach, our AI-assisted content strategy feature, which analyses your posts cross-referenced with your real GA4 and GSC data to surface interlink suggestions, content gaps, and write-next recommendations

4. Legal basis for processing (GDPR)

If you are based in the European Union, we process your data on the following legal bases:

  • Contract: processing your data is necessary to provide the service you have signed up for
  • Legitimate interests: improving the app, collecting beta feedback and ensuring its security
  • Consent: for optional email communications, which you can withdraw at any time

5. Who we share your data with

We do not sell your data. We share it only with the following third party service providers who help us operate the app:

  • Supabase: our database provider, where your account and scan data is stored securely
  • Google: for authentication via Google sign-in, Google Analytics integration, and Google Search Console integration
  • Anthropic: the AI provider powering our Content Coach feature. Blog post metadata and performance data is processed by the Anthropic API to generate content recommendations. No data is stored by Anthropic beyond what is needed to process each request
  • Resend: our email delivery provider, used to send you alerts and digests
  • Vercel: our hosting provider for the web application
  • Render: our hosting provider for the scanning service

All providers are bound by appropriate data processing agreements.

Our use of data obtained through Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, we do not share it with third parties except as described above, and we do not use it for any purpose unrelated to providing the bloghealth.app service.

6. Data retention

We keep your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law.

7. Your rights (GDPR and US privacy laws)

Depending on where you are located, you may have the following rights:

  • The right to access the personal data we hold about you
  • The right to correct inaccurate data
  • The right to request deletion of your data
  • The right to restrict or object to processing
  • The right to data portability
  • The right to withdraw consent at any time for consent-based processing

To exercise any of these rights, please contact us at blog.health.os@gmail.com. We will respond within 30 days.

If you are located in California, you may also have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and the right to opt out of the sale of personal information. We do not sell personal information.

8. Cookies

bloghealth.app uses only essential cookies necessary to keep you logged in and to maintain your session. We do not use advertising or tracking cookies.

9. Security

We take reasonable technical and organisational measures to protect your data. Your data is stored on Supabase, which uses industry-standard encryption and security practices. No method of transmission over the internet is 100% secure, but we do our best to protect your information.

10. International transfers

Some of our service providers may process data outside the European Economic Area. Where this is the case, we ensure that appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

11. Children

bloghealth.app is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via a notice in the app. The effective date at the top of this page will always reflect the most recent version.

13. Contact and complaints

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us at blog.health.os@gmail.com or by post at Diving Escapades SARL-S, 8 rue de Merovingiens, Bertrange, Luxembourg L-8070.

If you are based in the EU and believe we have not handled your data correctly, you have the right to lodge a complaint with the Luxembourg data protection authority, the Commission Nationale pour la Protection des Données (CNPD) at www.cnpd.lu.