Privacy Policy
Astalias Legal Pages
1. PRIVACY POLICY
Effective Date: March 29, 2026 Last Updated: March 29, 2026
Introduction
Astalias (“we”, “our”, or “us”) operates the website astalias.net and the Astalias SEO Tower Pro WordPress plugin. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
Information We Collect
Information You Provide
- Account Information: Name, email address, and password when you register at app.astalias.net
- Payment Information: Billing details processed securely through Stripe. We do not store credit card numbers.
- Licence Keys: Your plugin licence keys and associated site URLs
Information Collected Automatically
- Usage Data: Pages visited, features used, time spent on the platform
- Technical Data: IP address, browser type, operating system, referring URLs
- WordPress Site Data: Site URL, plugin version, connected services status (via heartbeat ping)
Third-Party OAuth Data
When you connect Google, Facebook, Instagram, X (Twitter), or LinkedIn through our OAuth proxy (oauth.astalias.net):
- We store OAuth access tokens encrypted in our database
- We fetch basic profile information (name, email) from connected services
- We use these tokens solely to provide SEO data and automation features
How We Use Your Information
- To provide, operate, and maintain our services
- To process payments and manage your subscription
- To send transactional emails (purchase confirmations, licence keys)
- To send service notifications (expiry warnings, updates)
- To improve and personalize our services
- To comply with legal obligations
Data Sharing
We do not sell your personal data. We share data only with:
- Stripe — Payment processing (stripe.com/privacy)
- Google — OAuth authentication and SEO data retrieval
- Cloudflare — CDN and security services
Data Retention
- Account data: Retained while your account is active
- OAuth tokens: Deleted when you disconnect a service
- Payment records: Retained for 7 years for legal compliance
Your Rights (GDPR)
You have the right to:
- Access — Request a copy of your personal data
- Rectification — Correct inaccurate data
- Erasure — Request deletion of your data (“right to be forgotten”)
- Portability — Receive your data in a portable format
- Objection — Object to certain processing activities
To exercise these rights, contact: privacy@astalias.net
Security
We implement industry-standard security measures including:
- AES-256-CBC encryption for OAuth tokens
- HMAC-SHA256 signatures for API authentication
- HTTPS/TLS for all data transmission
- Per-site secrets (no shared global keys)
Children’s Privacy
Our services are not directed to children under 13. We do not knowingly collect personal information from children.
Contact
Astalias Email: privacy@astalias.net Website: https://astalias.net
2. TERMS OF SERVICE
Effective Date: March 29, 2026
1. Acceptance of Terms
By accessing or using Astalias services (astalias.net, app.astalias.net, oauth.astalias.net, or the Astalias SEO Tower Pro plugin), you agree to be bound by these Terms of Service.
2. Description of Service
Astalias provides:
- A SaaS platform (app.astalias.net) for managing WordPress SEO
- An OAuth proxy (oauth.astalias.net) for connecting Google and social media accounts
- The Astalias SEO Tower Pro WordPress plugin
3. Account Registration
- You must provide accurate information when creating an account
- You are responsible for maintaining the confidentiality of your credentials
- You must be at least 18 years old to use paid services
- One account per person/organization
4. Licence and Permitted Use
Subject to your subscription plan, we grant you a limited, non-exclusive, non-transferable licence to:
- Install the plugin on the number of sites permitted by your plan
- Access and use the SaaS platform features
You may NOT:
- Share, sell, or transfer your licence key to others
- Reverse engineer, decompile, or disassemble the software
- Use the service for illegal activities
- Exceed the site limits of your subscription plan
5. Subscription and Payment
- Subscriptions are billed annually in advance
- All prices are in USD unless otherwise stated
- Payments are processed by Stripe
- Subscriptions auto-renew unless cancelled before the renewal date
- We reserve the right to change pricing with 30 days notice
6. Free Plan
The Free plan is provided as-is with limited features. We reserve the right to modify or discontinue the Free plan at any time.
7. Intellectual Property
All software, content, and materials provided by Astalias are protected by copyright and other intellectual property laws. The Astalias SEO Tower plugin code remains our property.
8. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW:
- Our liability is limited to the amount you paid us in the 12 months preceding the claim
- We are not liable for indirect, incidental, or consequential damages
- We do not guarantee uninterrupted or error-free service
9. Disclaimer of Warranties
THE SERVICE IS PROVIDED “AS IS” WITHOUT WARRANTIES OF ANY KIND. WE DO NOT WARRANT THAT THE SERVICE WILL IMPROVE YOUR SEARCH ENGINE RANKINGS.
10. Termination
We may terminate or suspend your account if you violate these Terms. You may cancel your account at any time. Upon termination, your licence keys will be deactivated.
11. Changes to Terms
We may modify these Terms at any time. We will notify you by email 30 days before material changes take effect.
12. Governing Law
These Terms are governed by the laws of Turkey. Any disputes shall be resolved in the courts of Istanbul, Turkey.
Contact
astalias@astalias.net
3. COOKIE POLICY
Effective Date: March 29, 2026
What Are Cookies
Cookies are small text files stored on your device when you visit our website.
Cookies We Use
Essential Cookies (Required)
| Cookie | Purpose | Duration |
|---|---|---|
laravel_session |
User authentication session | Session |
XSRF-TOKEN |
Security (CSRF protection) | Session |
remember_web_* |
“Remember me” login | 30 days |
Analytics Cookies (Optional)
| Cookie | Purpose | Duration |
|---|---|---|
_ga |
Google Analytics | 2 years |
_gid |
Google Analytics | 24 hours |
Preference Cookies
| Cookie | Purpose | Duration |
|---|---|---|
theme |
Dark/light mode preference | 1 year |
sidebar |
Sidebar open/closed state | 1 year |
Managing Cookies
You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.
Third-Party Cookies
- Stripe — Payment processing
- Cloudflare — Security and performance
- Google Analytics — Usage analytics (if enabled)
Contact
privacy@astalias.net
4. REFUND POLICY
Effective Date: March 29, 2026
Overview
We want you to be satisfied with Astalias. This policy outlines when refunds are available.
Annual Subscriptions
14-Day Money-Back Guarantee If you are not satisfied with your subscription, you may request a full refund within 14 days of your initial purchase.
To request a refund:
- Email billing@astalias.net with subject “Refund Request”
- Include your account email and order number
- Briefly describe the reason for your request
We will process your refund within 5-10 business days.
Conditions for Refund
Refunds are available when:
- Request is made within 14 days of purchase
- This is your first purchase of that plan (not renewal)
- The licence has not been used to activate more than 2 sites
Refunds are NOT available for:
- Renewal charges (you must cancel before renewal date)
- Partial month/year refunds after the 14-day period
- Accounts terminated for Terms of Service violations
One-Time Product Purchases
Plugin and module one-time purchases are non-refundable after download, except where required by applicable law.
Cancellation
You may cancel your subscription at any time from your account dashboard (app.astalias.net/billing). After cancellation:
- Your plan remains active until the end of the billing period
- No further charges will be made
- Licence keys remain active until period end
Contact
billing@astalias.net
5. GDPR COMPLIANCE
Effective Date: March 29, 2026
Data Controller
Astalias Email: privacy@astalias.net Website: https://astalias.net
Legal Basis for Processing
We process your personal data based on:
- Contract Performance — Processing necessary to provide our services
- Legitimate Interests — Improving our services, security monitoring
- Consent — Marketing communications (you can withdraw at any time)
- Legal Obligation — Financial records retention
Data We Process
| Data Category | Purpose | Legal Basis | Retention |
|---|---|---|---|
| Name, Email | Account management | Contract | Account lifetime |
| Payment data | Billing | Contract | 7 years |
| OAuth tokens | SEO features | Contract | Until disconnected |
| Usage logs | Security, debugging | Legitimate interest | 90 days |
| IP addresses | Security | Legitimate interest | 30 days |
International Data Transfers
Our servers are located in Germany (Hetzner). OAuth data is transmitted to and from Google, Facebook, and other third-party services in accordance with their respective privacy policies and Standard Contractual Clauses where applicable.
Data Processing Agreements
We have Data Processing Agreements with:
- Stripe — Payment processing (US/EU)
- Hetzner — Server hosting (Germany, EU)
- Cloudflare — CDN and security (EU data processing available)
Your Rights Under GDPR
| Right | Description | How to Exercise |
|---|---|---|
| Access (Art. 15) | Get a copy of your data | Email privacy@astalias.net |
| Rectification (Art. 16) | Correct inaccurate data | Account settings or email |
| Erasure (Art. 17) | Delete your data | Email privacy@astalias.net |
| Restriction (Art. 18) | Limit processing | Email privacy@astalias.net |
| Portability (Art. 20) | Export your data | Account settings |
| Objection (Art. 21) | Object to processing | Email privacy@astalias.net |
We will respond to all requests within 30 days.
Data Breach Notification
In the event of a data breach affecting your rights, we will notify you and relevant supervisory authorities within 72 hours as required by GDPR Article 33.
Supervisory Authority
You have the right to lodge a complaint with your local data protection authority. In Turkey: KVKK. In the EU, contact your national DPA.
Cookie Consent
We obtain consent for non-essential cookies through our cookie banner. You may withdraw consent at any time through your browser settings.
Contact Our DPO
For all GDPR-related inquiries: privacy@astalias.net
All pages last updated: March 29, 2026 Astalias — https://www.astalias.net