Privacy Policy

Last updated: April 6, 2026

This Privacy Policy describes how Consolety (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our website (consolety.ai), our WordPress plugin (“Consolety”), and our Hub API service (app.consolety.ai). We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR), the ePrivacy Directive, and other applicable data protection laws.

1. Data Controller

The data controller responsible for the processing of your personal data is:

VerifiedPress (trading as Consolety)
Valkeniersdonk 307, 7326KR Apeldoorn, Netherlands
KvK (Chamber of Commerce): 42028625
Email: [email protected]
Website: https://consolety.ai

2. What Data We Collect

2.1 Website Visitors

When you visit consolety.ai, we may collect:

  • Technical data: IP address (anonymized), browser type, operating system, referring URL, pages visited, and timestamps. This is collected through server logs and, if you consent, through analytics cookies.
  • Contact data: If you contact us via email or a contact form, we process your email address, name, and message content.

2.2 Plugin Users (WordPress Site Owners)

When you install and activate the Consolety plugin and connect to our network, we collect:

  • Site data: Your website URL, site title, WordPress version, PHP version, and plugin version.
  • Google Search Console data: After you explicitly authorize via Google OAuth 2.0, we access aggregated GSC metrics (total clicks, total impressions) for the past 90 days. We do not access individual search queries, page-level data, or any other Google account information.
  • Profile data: Your chosen niche category, site language, bio text, and guest post requirements (word count, link limits, content policies).
  • Network activity data: Connection requests sent and received, guest post submissions and reviews, campaign activity, and points transactions.
  • Guest post content: The text, images, and metadata of guest posts you submit or receive through the network.

2.3 Data We Do NOT Collect

  • We do not access or store your Google password (OAuth tokens are used instead).
  • We do not access individual search queries from your Google Search Console.
  • We do not inject tracking scripts, pixels, or fingerprinting code on your website’s frontend.
  • We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Consent (Art. 6(1)(a)): For analytics cookies on our website and for connecting your Google Search Console via OAuth. You can withdraw consent at any time.
  • Contract performance (Art. 6(1)(b)): Processing necessary to provide the Consolety network service, including site registration, guest post exchange, points economy, and campaign marketplace.
  • Legitimate interest (Art. 6(1)(f)): For security purposes (SSRF protection, abuse detection), service improvement, and technical diagnostics. We balance our interests against your rights and only process data that is strictly necessary.

4. How We Use Your Data

  • Service delivery: To register your site in the network, display your profile to other verified publishers, facilitate guest post exchanges, manage points transactions, and operate the campaign marketplace.
  • Verification: To verify your site ownership through Google Search Console and calculate your traffic tier for network matching.
  • Communication: To send you notifications about guest post submissions, connection requests, and important service updates. We do not send marketing emails unless you explicitly opt in.
  • Security: To protect the network against abuse, spam, and fraudulent activity, including SSRF protection during link monitoring and rate limiting.
  • Link monitoring: Daily automated HTTP GET requests to published guest post URLs to verify backlink status. These requests contain no personal data and identify themselves with a Consolety user agent string.

5. Data Sharing and Third Parties

5.1 Network Participants

When you join the Consolety network, certain profile information is visible to other verified publishers: your site URL, niche category, language, traffic tier, bio, and guest post requirements. This visibility is essential for the network to function and is based on your consent when connecting your site.

5.2 Service Providers

We use the following third-party services:

  • Hetzner Online GmbH (server hosting) — EU-based, data stored in Germany. Privacy Policy
  • Google OAuth (authentication) — Used for GSC verification. We receive an OAuth token; Google’s privacy policy applies to the authentication flow. Privacy Policy
  • Freemius (licensing and payments) — Processes WordPress version, PHP version, site URL, and license data. Privacy Policy
  • Cloudflare (DNS and CDN) — Processes IP addresses for DNS resolution. Privacy Policy

5.3 No Data Sales

We do not sell, trade, or rent your personal data to third parties. We do not share data for advertising or marketing purposes with any external party.

6. Data Storage and Security

  • Location: All data is stored on servers located in the European Union (Germany), operated by Hetzner Online GmbH.
  • Encryption: All API communication uses HTTPS/TLS. OAuth tokens are encrypted at rest using AES-256.
  • Access control: Database access is restricted to authorized systems only. Administrative access requires SSH key authentication.
  • Content sanitization: All user-submitted content is sanitized through a multi-layer defense system (HTMLPurifier, wp_kses_post, DOMPurify) to prevent XSS and injection attacks.

7. Data Retention

  • Account data: Retained for as long as your site is connected to the network. When you disconnect, your profile is removed from the network within 30 days.
  • Guest post content: Published guest posts remain on host sites as regular WordPress posts after disconnection. The content in our API database is deleted within 30 days of disconnection.
  • Points transactions: Transaction history is retained for 12 months after disconnection for audit purposes, then permanently deleted.
  • Server logs: Web server access logs are retained for 90 days, then automatically rotated and deleted.
  • Plugin uninstall: Uninstalling the Consolety plugin deletes all local data from your WordPress installation immediately.

8. Your Rights Under GDPR

As a data subject in the European Economic Area, you have the following rights:

  • Right of access (Art. 15): Request a copy of all personal data we hold about you.
  • Right to rectification (Art. 16): Request correction of inaccurate personal data.
  • Right to erasure (Art. 17): Request deletion of your personal data (“right to be forgotten”).
  • Right to restriction (Art. 18): Request restriction of processing in certain circumstances.
  • Right to data portability (Art. 20): Request your data in a structured, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interests.
  • Right to withdraw consent: Withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days as required by GDPR.

9. Cookies

Our website uses cookies. For detailed information about the cookies we use, their purpose, and how to manage them, please see our Cookie Policy.

10. International Data Transfers

All data is stored and processed within the European Union. We do not transfer personal data outside the EEA, except:

  • Google OAuth: Authentication flows involve Google’s servers, which may process data in the United States. This transfer is covered by Google’s Standard Contractual Clauses and Data Processing Agreement.
  • Freemius: License validation may involve servers outside the EU. Freemius provides Standard Contractual Clauses for such transfers.

11. Children’s Privacy

Consolety is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, contact us immediately and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify registered users of material changes via email or in-plugin notification. The “Last updated” date at the top of this page indicates the most recent revision.

13. Contact and Complaints

For privacy-related questions or to exercise your rights:

Email: [email protected]

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority. For users in the Netherlands, this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

Start Building Verified Backlinks Today

Install the free Consolety plugin and join a network where every site is GSC-verified.

Install Free Plugin How It Works
Enroll Now

Newsletter Signup

Sign up to our newsletter and receive a 10% discount on the course fee!