Ahrefs WordPress Plugin Privacy Policy

Last modified: November 14, 2022

Contents

Information Collection and Use
Changes to This Privacy Policy
Contact Us

The Ahrefs WordPress Plugin (“Plugin”) is part of Ahrefs’ toolset.

This Privacy Policy details how Ahrefs collects, uses, and discloses Personal Information for Plugin users. All information stated here is valid for the latest version of the Plugin.

The Plugin is provided at no cost. It evaluates the performance of articles on users’ blogs based on Ahrefs, Google Analytics and Google Search Console data.

By using the Plugin, you agree to the collection and use of information as detailed in this policy. The Personal Information that we collect is used only for providing the service. We do not use your information in any other way except as described in this Privacy Policy. We do not send this information to any third parties, disclose it, or use it for any other purpose.

Information Collection and Use

The information that we get from the WordPress site where the Plugin is installed is strictly necessary for the functioning of the Plugin. It includes:

1. Google Analytics and Google Search Console traffic and keywords data

Google Analytics and Google Search Console are web analysis services provided by Google LLC (“Google”). The Plugin requires read-only access to your Google Analytics and Google Search Console profiles to retrieve web traffic and keywords ranking data, as well as provide recommendations on how to improve your website’s content.

This data is not sent to our servers and is only used and stored internally in your WordPress site’s database.

2. Google authorization data

The Plugin uses Google's OAuth 2.0 protocol to obtain permissions from users to access their Google Analytics and Google Search Console data, as well as to manage the list of sites and domains they control. The latter is necessary to verify the user's ownership of the website. You are the only person who decides if you would like to provide this access. You can revoke this access any time.

The OAuth 2.0 protocol requires a fixed redirect URI to accept the credentials after a user approves an OAuth consent request. Since the Plugin may be installed on any WordPress website with any domain name, it uses https://wpauth.ahrefs.com proxy service (“Proxy”) to handle responses from Google's authorization server to a fixed URI.

The Proxy receives and temporarily stores tokens needed to make API requests on the user's behalf during the authorization process. After successful authorization, the Proxy starts storing your website URL and name, as well as the Google user ID and a refresh token needed to access the Google Analytics and Google Search Console data.

We do not send this information to any third parties, disclose it, or use it for any other purpose. This information is erased from our servers when you revoke the Plugin’s access to your Google account in the Plugin settings.

3. URLs of the pages on the site where the plugin was installed

The Plugin sends the URLs of the pages on the site where it was installed via an API request to ahrefs.com servers to retrieve SEO data.

We do not send this information to any third parties, disclose it, store it, or use it for any other purpose.

4. Diagnostic reports

To help with Ahrefs WordPress Plugin stability and improvements, you can consent to send automatic diagnostic reports in the Plugin's settings or during the Plugin’s setup wizard. A diagnostic report is sent only when an actual error related to the Plugin occurs. You can revoke this consent at any time.

Diagnostic reports are collected using Bugsnag. Bugsnag is an error-monitoring tool provided by SmartBear Software Inc.

For more information on automatically captured data by Bugsnag, please review:

https://docs.bugsnag.com/platforms/php/other/automatically-captured-data/.

Additionally captured data: domain name; site URL; WordPress installation URL; version of the RankMath, Redirection, AIOSEO, Yoast SEO third-party plugins installed; WordPress version; is the site configured as Multisite or not; site language code; data necessary for error identification.

The Plugin never sends to Bugsnag: user names; emails; phones; other personal information; Google configuration data.

SmartBear privacy policy: https://smartbear.com/privacy/.

We do not send this information to any other third parties, disclose it, or use it for any purpose other than fixing bugs and investigating support requests.

5. Storage on your WordPress site

The Plugin uses the storage on your WordPress site to keep your settings and the results of content audits.

This data is not sent to our servers and is only used internally in your WordPress site.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. You are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.

Contact Us

If you have questions about or suggestions for this Privacy Policy, please contact us at [email protected]