Privacy Policy
Privacy Policy
📋 Plain-Language Summary
We know privacy policies are long. Here's what you actually need to know in plain language. The full legal detail follows below.
What we collectYour email (if you subscribe), basic analytics (pages visited, device type), and contact form data. Nothing invasive.
What we never doWe never sell your data, share it with advertisers, or use it to build ad profiles. Ever.
CookiesWe use cookies for analytics and site performance only. No third-party advertising cookies. You can opt out anytime.
Affiliate linksWe earn commissions when you click our links and buy software. Your data is not involved in this — it's just a referral URL.
Your rightsYou can access, correct, export, or delete your data at any time. Just email us and we'll respond within 30 days.
NewsletterIf you subscribed, you can unsubscribe in one click at the bottom of any email. No dark patterns.
Who We Are
SoftwareAdvisorHub ("we," "us," or "our") operates the website located at softwareadvisorhub.com. We are an independent software review publication that researches, tests, and compares SaaS tools and software products for business owners, marketers, developers, and decision-makers.
SoftwareAdvisorHub is registered as a digital media company operating on a remote-first basis. For all privacy matters, our Data Protection Officer can be reached at the contact information provided in Section 14 of this policy.
This Privacy Policy applies solely to data collected through softwareadvisorhub.com. It does not apply to third-party websites, software products, or services that we review or link to. Please review the privacy policies of those services independently.
Data We Collect
We collect only the minimum data necessary to operate our website and provide value to our readers. The following categories describe what we collect, how it arrives, and why.
2.1 Data You Provide Directly
- Contact form submissions: Your name, email address, message content, and any optional fields you complete when using our contact form.
- Newsletter subscriptions: Your email address and, optionally, your name when you subscribe to our newsletter or deal alerts.
- Review requests and contributions: Professional background information you voluntarily provide when submitting a review request or contributor application.
2.2 Data Collected Automatically
- Usage analytics: Pages visited, time on page, scroll depth, referral source, and navigation path — collected in aggregate and anonymised form.
- Device and browser data: Browser type, operating system, screen resolution, and general device category (mobile/desktop). We do not collect device identifiers.
- IP address: Collected temporarily for security and geo-region analytics (country/city level only). IP addresses are anonymised within 24 hours and are never stored in identifiable form.
- Affiliate click data: When you click an affiliate link, a referral parameter is passed to the destination. We record that a click occurred and the destination — not your identity or subsequent behaviour on the third-party site.
2.3 Data We Do Not Collect
| Data Type | Collected? | Notes |
|---|---|---|
| Payment or financial data | ❌ Never | We do not process payments on this site |
| Social media profiles | ❌ Never | No social login or profile scraping |
| Precise geolocation | ❌ Never | Country/city level only from anonymised IP |
| Biometric data | ❌ Never | Not applicable to our service |
| Sensitive personal data | ❌ Never | Health, race, religion, political views — never collected |
| Third-party purchase data | ❌ Never | We don't know if/what you bought after clicking our links |
How We Use Your Data
Every use of your data serves a specific, legitimate purpose. We do not repurpose data beyond what is described here without seeking fresh consent.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Responding to contact enquiries | Name, email, message | Contract / Legitimate interest |
| Sending newsletter & deal alerts | Email, name (optional) | Consent |
| Improving website performance | Anonymised analytics | Legitimate interest |
| Detecting and preventing abuse | IP (anonymised), usage patterns | Legitimate interest |
| Affiliate commission tracking | Click event, destination URL | Legitimate interest |
| Legal compliance & record-keeping | Contact records | Legal obligation |
Our core promise on data use
We will never use your data to build advertising profiles, sell to data brokers, share with software vendors for marketing purposes, or use for any purpose unrelated to operating this publication. This applies regardless of any commercial arrangement we may have with affiliate partners.
Legal Basis for Processing (GDPR)
For readers in the European Economic Area (EEA) and United Kingdom, we process personal data only where we have a valid legal basis under the General Data Protection Regulation (GDPR) and UK GDPR. The applicable bases are:
Consent (Article 6(1)(a))
Used when you actively opt in — for example, subscribing to our newsletter or agreeing to non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
Contract Performance (Article 6(1)(b))
Used when processing is necessary to fulfil a request you have made — such as responding to a contact form submission or processing a contributor application.
Legitimate Interests (Article 6(1)(f))
Used for purposes such as website security, fraud prevention, anonymised analytics, and affiliate click tracking — where our interests are balanced against and do not override your fundamental rights and freedoms.
Legal Obligation (Article 6(1)(c))
Used where we are required to retain certain records to comply with applicable law, including tax, corporate, and regulatory requirements.
Cookies & Tracking Technologies
We use cookies and similar tracking technologies to operate the site and understand how it is used. We do not use advertising cookies or allow third-party ad networks to set cookies on this site.
No advertising cookies
SoftwareAdvisorHub does not use Google Ads, Facebook Pixel, or any third-party advertising network cookies. You will not be retargeted based on your visit to this site.
Managing Your Cookie Preferences
You can manage or withdraw consent for non-essential cookies at any time through our cookie preference centre (accessible via the cookie banner or footer link). You may also configure your browser to block or delete cookies; note that blocking essential cookies may affect site functionality.
Affiliate Links & Revenue Disclosure
SoftwareAdvisorHub participates in affiliate marketing programs. This means that when you click certain links on our site and subsequently purchase a software subscription or product, we may receive a referral commission from the software vendor at no additional cost to you.
From a privacy standpoint, this works as follows:
- When you click an affiliate link, you are redirected to the third-party vendor's website via a URL containing a referral parameter that identifies us as the referring source.
- We record that a click occurred and the destination URL for commission tracking purposes.
- We do not receive any information about what you do on the third-party site, whether you make a purchase, or any personal data you provide to that vendor.
- Affiliate relationships have no influence on our editorial scores, recommendations, or review content. Our methodology is applied identically regardless of whether a tool has an affiliate program.
In compliance with FTC guidelines, all pages containing affiliate links include a clear disclosure notice. Our full affiliate disclosure policy is available at softwareadvisorhub.com/affiliate-disclosure.
Third-Party Data Sharing
We do not sell, rent, or trade your personal data. We share data with third parties only in the following limited circumstances:
7.1 Service Providers (Data Processors)
We work with trusted service providers who process data on our behalf and under our instruction. All processors are bound by Data Processing Agreements (DPAs) and are not permitted to use your data for their own purposes.
| Service | Purpose | Data Shared | Location |
|---|---|---|---|
| Email platform | Newsletter delivery | Email, name | EU/US (SCCs) |
| Analytics provider | Site analytics | Anonymised usage data | EU |
| Web hosting / CDN | Site delivery | IP (transient) | Global CDN |
| Contact form processor | Form submissions | Name, email, message | EU |
| Affiliate networks | Commission tracking | Click event, referral URL | US |
7.2 Legal Requirements
We may disclose personal data when required to do so by law, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect our legal rights, prevent fraud, or respond to a verified legal process.
7.3 Business Transfers
In the event of a merger, acquisition, or sale of all or part of our assets, user data may be transferred as part of that transaction. We will notify affected users via email and/or a prominent notice on our site prior to any such transfer, and you will retain the right to request deletion of your data.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by applicable law. The following table summarises our standard retention periods.
Following the applicable retention period, data is securely deleted or irreversibly anonymised. Anonymised data may be retained indefinitely for aggregate statistical purposes.
Your Privacy Rights
Depending on your location, you have a range of rights regarding your personal data. We honour these rights promptly and without charge.
Right to Access
Request a copy of all personal data we hold about you, including how it is used and with whom it is shared.
Right to Rectification
Request correction of any inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations.
Right to Restrict
Request that we pause processing of your data while a dispute or objection is investigated.
Right to Portability
Receive your data in a structured, machine-readable format (JSON or CSV) for transfer to another service.
Right to Object
Object to processing based on legitimate interests, including profiling. We will cease processing unless compelling grounds exist.
Withdraw Consent
Withdraw consent for any consent-based processing (e.g. newsletter) at any time, without affecting prior processing.
Right to Complain
Lodge a complaint with your national data protection authority (e.g. ICO in the UK, your local EU supervisory authority).
How to exercise your rights
Submit a request to privacy@softwareadvisorhub.com with your name, email address, and the specific right you wish to exercise. We will respond within 30 calendar days. For complex or multiple requests, we may extend this period by up to 60 days with notice.
California Residents (CCPA/CPRA)
California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, right to delete, right to opt-out of sale (we do not sell data), and right to non-discrimination. To exercise these rights, use the contact details in Section 14 or submit a request via our contact form.
Children's Privacy
SoftwareAdvisorHub is not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16 without verifiable parental consent, we will take immediate steps to delete that data.
If you believe we have collected data from a minor, please contact us immediately at privacy@softwareadvisorhub.com.
International Data Transfers
SoftwareAdvisorHub operates globally, and some of our service providers are based outside the European Economic Area (EEA) and United Kingdom. Where we transfer personal data internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection law.
- Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision, we rely on the European Commission's approved Standard Contractual Clauses.
- Adequacy decisions: Where the destination country benefits from an EU adequacy decision, we rely on this as the transfer mechanism.
- Binding Corporate Rules: For certain processors that have adopted BCRs approved by a supervisory authority.
You may request details of the specific safeguards in place for any international transfer by contacting our DPO (Section 14).
Security Measures
We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction.
- All data in transit is encrypted using TLS 1.2 or higher (HTTPS enforced site-wide)
- Data at rest is encrypted using AES-256 encryption on all storage systems
- Access to personal data is restricted to authorised personnel on a need-to-know basis
- We conduct regular security reviews and vulnerability assessments
- Passwords are hashed using bcrypt with appropriate salt rounds — plaintext passwords are never stored
- Two-factor authentication is required for all team members with system access
While we take all reasonable precautions, no method of internet transmission or electronic storage is 100% secure. In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities within 72 hours of becoming aware of the incident, as required by GDPR Article 33.
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify newsletter subscribers of material changes via email at least 14 days before the change takes effect
- Maintain a version history accessible via the link below so you can review what changed
- For significant changes that require fresh consent, present a new consent request before the changes apply to your data
We encourage you to review this policy periodically. Continued use of our website after a policy update constitutes acceptance of the revised terms, except where fresh consent is required.
Contact & Data Protection Officer
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us through any of the following channels. We are committed to responding to all privacy enquiries within 30 calendar days.
| Contact Type | Channel | Response Time |
|---|---|---|
| General privacy questions | privacy@softwareadvisorhub.com | Within 30 days |
| Data subject rights requests | privacy@softwareadvisorhub.com | Within 30 days |
| Data breach reports | security@softwareadvisorhub.com | Within 72 hours |
| Press / legal enquiries | legal@softwareadvisorhub.com | Within 5 business days |
| Contact form | softwareadvisorhub.com/contact-us | Within 1 business day |
Data Protection Officer
Our designated DPO oversees all data protection matters at SoftwareAdvisorHub. If you are unsatisfied with our response to a privacy request, you also have the right to lodge a complaint with your national data protection authority — such as the ICO (UK), CNIL (France), or your local EU supervisory authority.
