Privacy Policy

Last updated: May 2026

1. Introduction

Lyrapro is a product operated by PMW Communications Limited ("we", "our", or "us"), a company registered in England and Wales. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Service. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Account Information

  • Your name and email address
  • Password (encrypted and hashed — never stored in plain text)
  • Account creation date and role

2.2 Usage Data

  • URLs you submit for auditing
  • Audit results and generated reports
  • Feature usage and preferences
  • API credit usage and audit history

2.3 Technical Data

  • Browser type and version
  • Device information
  • IP address (for security and access logging)
  • Push notification subscription data (if enabled)

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process and store your audit results
  • Send notifications about completed audits
  • Monitor usage to manage API costs and rate limits
  • Improve and develop new features
  • Ensure security and prevent misuse
  • Comply with legal obligations

4. Third-Party Data Sharing

We do not sell your personal data. In the course of providing the Service, limited data (primarily the URLs you audit) is shared with the following third-party APIs:

  • Anthropic (Claude API): Website content is sent for AI-powered analysis and recommendations
  • Google PageSpeed Insights: URLs are submitted to retrieve performance and Core Web Vitals data
  • Keywords Everywhere: Domain names are sent to retrieve keyword and traffic data

Only the minimum data necessary to provide the Service is shared with these providers. Your personal account data is never shared with third-party APIs.

As the platform operator, PMW Communications Limited may access account and audit data for support, security monitoring, and service improvement purposes. This data is never shared with other users or third parties.

5. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract: Processing necessary to provide the Service you have signed up for
  • Legitimate interests: Security monitoring, fraud prevention, and service improvement
  • Legal obligation: Where required by applicable law

6. Data Retention

Your account data is retained for as long as your account is active. Audit results are stored for ongoing reference and may be deleted on request. If you close your account, your personal data will be removed within 30 days unless retention is required for legitimate legal purposes.

7. Data Security

PMW Communications Limited implements appropriate technical and organisational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing (bcrypt)
  • Regular security assessments
  • Role-based access controls and authentication
  • Database access restricted to authorised services only

8. Your Rights (UK GDPR)

You have the following data protection rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Request your data in a portable format
  • Objection: Object to processing of your data
  • Restriction: Request restriction of processing

To exercise these rights, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Cookies

We use essential cookies for authentication and session management only. No third-party tracking or advertising cookies are used. You can control cookies through your browser settings, though disabling them may affect the functionality of the Service.

10. International Transfers

Some third-party API providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place in compliance with UK GDPR and applicable data protection laws, including Standard Contractual Clauses where required.

11. Changes to This Policy

PMW Communications Limited may update this Privacy Policy from time to time. The "Last updated" date at the top will be revised accordingly. Continued use of the Service after changes constitutes acceptance of the updated Policy.

12. Contact

For privacy-related questions or to exercise your data rights, contact PMW Communications Limited:

Email: [email protected]

v1.9.861