Privacy Policy

Last updated:

This Privacy Policy explains how LinkDaddy Media collects, uses, stores, and protects your personal data when you use our platform. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

LinkDaddy Media is operated by Anthony James Peacock. We are the data controller for personal data collected through the Platform at linkdaddymedia.com. If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected].

2. Data We Collect

We collect the following categories of personal data:

Account Data

When you register for an account, we collect your name, email address, and a hashed version of your password. We do not store your password in plain text.

Business Profile Data

If you complete your business profile, we collect your business name, address, phone number, website URL, business category, GPS coordinates (latitude and longitude), and review platform URLs. This data is used to populate the EXIF metadata and JSON-LD schema embedded in your hardened images.

Uploaded Images

Images you upload are stored in encrypted cloud storage (Cloudflare R2). We process these images to inject EXIF metadata, XMP data, and generate ImageObject JSON-LD schema. We do not analyse the content of your images beyond what is necessary to provide this service.

Usage Data

We collect standard server log data including your IP address, browser type, pages visited, and timestamps. This data is used to maintain the security and performance of the Platform and is not used for advertising purposes.

Payment Data

Payment processing is handled by Stripe. We do not store your full card number, CVV, or other sensitive payment card data on our servers. We receive a payment confirmation token from Stripe and store your subscription plan and billing status.

Contact Form Data

When you submit our contact form, we collect your name, email address, business name (optional), subject, and message. This data is used solely to respond to your enquiry.

We process your personal data on the following legal bases:

  • Contract performance — processing necessary to provide the Platform services you have signed up for (account data, business profile, uploaded images, billing).
  • Legitimate interests — processing necessary for our legitimate interests in maintaining the security and performance of the Platform (usage data, server logs).
  • Consent — where you have given explicit consent, such as subscribing to marketing communications. You may withdraw consent at any time.
  • Legal obligation — processing necessary to comply with our legal obligations, such as responding to valid DMCA notices or law enforcement requests.

4. How We Use Your Data

We use your personal data to:

  • Create and manage your account.
  • Provide the image hardening, AI generation, and schema builder services.
  • Process payments and manage your subscription.
  • Respond to your support and contact enquiries.
  • Send transactional emails (account confirmation, password reset, billing receipts).
  • Maintain the security and integrity of the Platform.
  • Comply with our legal obligations.

We do not sell your personal data to third parties. We do not use your data for behavioural advertising.

5. Data Sharing and Third Parties

We share your data with the following third-party service providers, solely to the extent necessary to provide the Platform:

Cloudflare R2
Encrypted cloud storage for uploaded and processed images. Cloudflare is a data processor acting on our instructions.
Stripe
Payment processing. Stripe is an independent data controller for payment card data. See Stripe's Privacy Policy.
fal.ai
AI image generation. Prompts you submit for AI generation are processed by fal.ai. We do not share your personal account data with fal.ai.
TiDB Cloud
Database hosting for account and platform data. Data is stored in encrypted databases in the European Union.

We may also disclose your data if required to do so by law, court order, or in response to a valid request from a law enforcement authority.

6. Data Retention

We retain your personal data for as long as your account is active. If you delete your account:

  • Your account data (name, email, password hash) is deleted within 30 days.
  • Your uploaded images are deleted from cloud storage within 30 days.
  • Images you published to the CC0 Public Commons are permanently in the public domain and cannot be deleted, as they have been dedicated to the public domain.
  • Billing records are retained for 7 years as required by UK tax law.
  • Server log data is retained for 90 days for security purposes.

7. Your Rights Under UK GDPR

Under UK GDPR, you have the following rights:

  • Right of access — you may request a copy of the personal data we hold about you.
  • Right to rectification — you may request that we correct inaccurate personal data.
  • Right to erasure — you may request that we delete your personal data, subject to our legal obligations.
  • Right to restriction — you may request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability — you may request a copy of your data in a structured, machine-readable format.
  • Right to object — you may object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use a single session cookie to maintain your authenticated session after login. This cookie is strictly necessary for the Platform to function and does not require consent under the UK PECR. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include TLS encryption in transit, AES-256 encryption at rest, bcrypt password hashing, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a prominent notice on the Platform. The "Last updated" date at the top of this page indicates when the policy was last revised. Your continued use of the Platform after any changes constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at [email protected] or via our contact page.

Questions about your data?

We are committed to transparency. If you have any questions, we are happy to help.

Contact Us