Summary: Your data remains with you. Your sites, databases, and content are hosted on your own servers; BlogMaster does not share, sell, or rent any of your data to third parties.
1. Our Approach
BlogMaster operates on the principle of data minimization: each Client receives service through its own server and its own accounts. The platform only stores the minimum data necessary for administration; data belonging to your sites is not hosted on the BlogMaster infrastructure.
2. Data We Store
Only the following data necessary for the operation of the service is stored on the platform:
- Account and identification information: full name / company name, email address, and irreversibly hashable password. Your password is never stored in plain text.
- Session and security logs: Login time, IP address, and 2FA verification logs — solely for the purpose of protecting your account.
- API keys: Keys and tokens for the services you connect to (domain provider, WHM/cPanel, Cloudflare, Search Console, AI providers, Telegram, ShortLks) — stored in encrypted form, masked in the panel.
- Site inventory metadata: Domain names, site titles, status/health information, and matches (category, client, target site) necessary for administration. Only the administration log, not the sites themselves.
- Transaction logs: Which transaction was performed, when, and by which account in the panel. Every transaction is recorded and can be monitored in real time.
- Notification preferences: Your Telegram connection information (chat ID) and alert threshold settings.
- Support correspondence: Your requests and messages sent to us.
3. Data We Do Not Store
Your site databases, member records, personal data of your visitors, and site content are stored on your own servers; BlogMaster does not copy or store them on its own infrastructure. When you discontinue the service, everything remains where it is — in your accounts.
4. Data Sharing
BlogMaster does not share, sell, rent, or exchange your account information, API keys, statistics, or any data related to your sites with third parties. The only exception is duly binding requests from competent authorities in accordance with applicable legislation.
5. Use of API Keys
Your keys are stored encrypted and are only transmitted to the relevant provider to execute the operations you initiate (e.g., your article generation instructions only go to your chosen AI provider). You can change or delete your keys at any time from the panel.
6. Real-Time Monitoring
Site Monitor only collects technical health data: accessibility status, SSL validity, and security scan results. This monitoring does not contain personal data; its purpose is to notify you of problems immediately (via Telegram notification).
7. Visit Statistics
Visitor statistics on your sites are processed anonymously and aggregately, bot traffic is separated, and only is reported to you. No visitor profiling or advertising tracking is performed.
8. Cookies
Only essential cookies are used in the panel to securely maintain your session. No marketing or third-party tracking cookies are used.
9. Security
The panel is protected by two-factor authentication (2FA), role-based access, encrypted key storage, and transaction logs. In a reseller (white-label) structure, each customer only sees their own data.
10. Data Retention Periods
Account data is retained for the duration of membership. Transaction logs are retained for a reasonable period for security and audit purposes, then deleted or anonymized. Upon account closure, your API keys are deleted immediately; any remaining minimum data is deleted within 30 days, subject to legal retention obligations.
11. Sub-processors and International Transfer
Your data is only transmitted to service providers you connect to fulfill your instructions (clause 5). Some of these providers may be located abroad; Data transfer occurs only within the scope of service provision and in accordance with the security commitments of the relevant provider. BlogMaster does not use any sub-processors for marketing purposes.
12. Your Rights
Under GDPR and relevant data protection legislation, you have the right to request access, correction, and deletion of your data. To submit your requests, simply write to [email protected]; upon account closure, the minimum data held on the Platform will be deleted within a reasonable time.
13. Changes
This text may be updated; the current version will be published on this page and will be valid from the date of publication.