Privacy Policy

1. Introduction

This Privacy Policy applies to the Processing of information by Ahrefs Group (“Ahrefs”, “we”, “us”, or “our”) in connection with the provision of Firehose (https://firehose.com/) and the products or services in connection with Firehose from time to time (collectively, “Firehose Services”).

By interacting with or using Firehose Services, you consent to the Processing of your information (including your Personal Data) in accordance with this Privacy Policy. If you are a California resident, please also refer to our Notice at Collection at Section 11.

Firehose Services and/or its tools, features or functionalities may use, include, be built on, be supported by or be used in conjunction with Third Party Services and/or you may use Third Party Services through Firehose Services. This means that your use of Firehose Services may be in tandem with the use of Third Party Services. You agree that your information may be independently collected, used or otherwise processed in accordance with and/or subject to the terms, privacy policies and any other applicable policies of the Third Party Services (as may be amended from time to time). We strongly encourage you to review the aforesaid policies.

This Privacy Policy does not apply to the products and services of other companies or organisations that advertise Firehose Services. If we are ever involved in a merger, acquisition or sale of assets (although we don’t have plans to!), we will notify you before your Personal Data becomes subject to a different privacy policy.

2. Interpretation

In addition to the terms defined elsewhere herein, the following terms shall have the meaning ascribed to them in this section.

“Data Protection Laws”

means any and all laws, regulations, rules, measures, interpretations, codes or guidelines issued by any government authority in any part of the world with jurisdiction over Ahrefs which pertain to the protection of Personal Data and/or privacy, including the Personal Data Protection Act 2012, the Regulation (EU) 2016/679 (General Data Protection Regulation) and The California Consumer Privacy Act of 2018 as amended by The California Privacy Rights Act of 2020.

“Data Subject”

means any identifiable natural person whose Personal Data we Process.

“Personal Data”

means any information or data, whether true or not, about an individual who can be identified from that data or from that data and other information to which Ahrefs has or is likely to have access, and/or any other information or data that constitutes as such under Data Protection Laws.

“Process” or “Processing”

means carrying out any operation or set of operations on or in relation to Personal Data, including collection, use, disclosure, transfer, sale, recording, holding, organisation, adaptation, alteration, retrieval, combination, transmission, erasure or destruction.

“Third Party Service(s)”

means any third-party product, service, software, technology and/or code provided under separate terms that is used to build or support Firehose Services or is offered in conjunction with Firehose Services, including social media platforms, integration partners and open-source software.

3. Collection of Information

We collect information to provide our website and Firehose Services, which may include your Personal Data. The information we collect and Process depends on how you use Firehose Services. We store the information we collect with unique identifiers tied to the browser, application or device you are using.

We collect the following information as you access and use Firehose Services:

3.1 Data collected automatically

Some data is collected automatically as you use Firehose Services, such as:

• browser information such as type, version and settings
• device information such as type and operating system
• IP address
• date, time and referral URL of access request
• access status or HTTP status code

3.2 Data collected in connection with the use of cookies and similar technologies

We also collect data in connection with your use of cookies. The data collected depends on how you manage your cookie settings:

• websites or pages visited, access time, frequency and duration of visits, links clicked, interaction with advertisements
• user segment or category
• IP address, model or device type, operating system and version, browser type and settings
• identifiers such as device ID, advertisement ID and individual device token
• cookie-related data such as cookie ID

3.3 Information you voluntarily provide to us

We collect information that you voluntarily provide to us as you access and use Firehose Services (including any Personal Data within such information) such as:

• information provided during registration and subscription to Firehose Services such as:
  • user details (name, email address)
  • transaction information (name, address, payment method)
  • company or organisation information
• information provided as you use Firehose Services, including any data, content, messages, photos, videos, recordings, images, feedback, suggestions, comments and other materials that you provide or input to Firehose Services or through Firehose Services to Third Party Services
• information provided where you contact us via email or social media, such as your email address, social media account ID, social media profile and the content of any messages sent to us
• information within the content of any answers to questions we ask you, such as where we provide customer support

3.4 Information from Third Party Services

We may also collect or receive information from Third Party Services when you connect to Third Party Services, information or content in any accounts you may have with Third Party Services, or output based on input provided by you through Firehose Services to Third Party Services.

4. Purposes of the Processing of Information

The following are the purposes for which we Process information we have collected, which may include your Personal Data:

• User registration and account management: to enable registration for Firehose Services and the conclusion and execution of a contract with you, the creation of user accounts, authentication, account settings customisation and subscription plans management;
• Provision of services: to maintain, provide, deliver and improve Firehose Services and any features or functionalities, as well as performance tracking and reporting, employing hosting and backend infrastructure for the operation of the website, blocking spam and employing the use of user database management;
• Creation and use of analytics and reports: to collate, analyse and/or aggregate information in relation to the use of Firehose Services for internal use and for authorised external parties, such as showing trends regarding general preferences;
• Development of products and services to be offered by Ahrefs, whether or not in connection with Firehose Services and including products and services built on artificial intelligence: to develop new products and services to be offered by Ahrefs, whether or not related to Firehose Services, which may include software improvements and version upgrades, as well as products and services built on artificial intelligence such as through training of our machine learning models;
• Marketing communications: to communicate marketing or advertising information, including personalised content based on the information collected;
• Retargeting or remarketing communications: to communicate unique marketing or advertising information to you based on your prior interactions with Firehose Services; you may opt out of this by disabling cookies when you access our website;
• Customer support: to provide customer communications, such as notifying you about changes to Firehose Services, handling queries and complaints and any other customer service interactions;
• Talent acquisition and workforce management: to manage hiring and employment processes, such as evaluating your application for open positions and processing your employment;
• Fraud prevention and security: to improve the safety and security of Firehose Services, such as undertaking measures in relation to fraud prevention (e.g., authentication measures to prevent unauthorised access);
• Compliance with legal obligations: to comply with our legal obligations, including participating and/or cooperating with investigations and proceedings (including judicial proceedings) conducted by public authorities or governmental authorities for the purposes of detecting, investigating and prosecuting in relation to matters deemed relevant to us at our sole discretion;
• Cookies and similar technologies: to provide a more personalised user experience and improve Firehose Services (for more information, please refer to Section 8 below); and/or
• any other purpose for which we may notify you in writing.

Notwithstanding the above, we may use or process information that is not Personal Data, including information that has been de-identified or aggregated, for any purpose in connection with our business and operations (except where such purpose is prohibited by Data Protection Laws). We may retain your historical data (queries, usage patterns, preferences) to enable future features you may choose to activate, such as AI agents or personalised automation. You can request deletion of historical data at any time, though this may limit the effectiveness of certain features.

5. Disclosure and Transfer of Information

The disclosure and transfer of information to any person(s) is on a need-to-know basis for any of the purposes outlined in Section 4 above.

5.1 Transfer of information to third parties

We may disclose and/or transfer collected information (including Personal Data) to various parties for any of the purposes outlined in Section 4 above. Such parties include:

• Ahrefs affiliates (subsidiaries and related companies), including for its business and operating purposes;
• service providers who assist us in providing or improving Firehose Services, such as hosting companies, IT security companies, communications agencies, payment processors, analytics companies and customer relationship management platforms;
• our auditors, lawyers, accountants and other professional advisors; and
• governmental, regulatory or public authorities or other authorised third parties if required by Data Protection Laws.

5.2 Transfer of information to other jurisdictions

Ahrefs is based in Singapore. Your information (including Personal Data) may be collected, stored, processed, used, disclosed and transferred in various jurisdictions where we operate, including Singapore, Cyprus, the United States and countries within Europe. These jurisdictions may not have data protection laws equivalent to those applicable to you and we may be required to disclose information (including Personal Data) to the courts, law enforcement or governmental authorities in these jurisdictions. We take reasonable steps, including technical and organisational measures, to ensure that information (including Personal Data) is adequately protected as required by Data Protection Laws.

6. Retention of Information

We retain information for as long as necessary to fulfill the purposes outlined in Section 4 above, unless a longer retention period is required or permitted by applicable law. The retention period depends on the context in which it is collected, including the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure and whether we can achieve the stated purpose of collection through other means.

Where we no longer need to retain information, we will ensure that the information is securely disposed of in a timely manner in accordance with Data Protection Laws.

7. Protection of Information

We are committed to safeguarding information (including Personal Data) with appropriate security measures. We employ a range of technical and organisational measures to protect information (including Personal Data) against unauthorised access, alteration, disclosure, or destruction. While we endeavour to use commercially acceptable means to protect your information, given the inherent nature of the internet, we cannot guarantee absolute security and we accept no liability for any unintentional disclosure of information.

If you have reason to believe that your interaction with us is no longer secure (for example, if you believe the security of your Account has been compromised), please contact us immediately at privacy@ahrefs.com.

8. Cookies and Similar Technologies

Cookies are small text files that are placed by web browsers on your device, including by first-parties (i.e. us) and third-parties (i.e. other service providers on our behalf) to store your preferences and login information, and to provide us with analytics and advertising insights. Our use of cookies and similar technologies is described in our Cookie Notice.

You may manage your cookie settings by:

• managing your cookie settings on our cookie consent banner; or
• adjusting your browser’s settings to reject cookies.

If you reject our use of cookies, please note that certain features and functionalities of Firehose Services may not work properly.

9. Your Rights and Choices

Subject to Data Protection Laws (and depending on your jurisdiction), you may exercise any of the following rights:

• Right to access: the right to request for a copy of the Personal Data we Process about you and information about how we Process such data;
• Right to rectification: the right to request that we correct or supplement any inaccurate or incomplete Personal Data;
• Right to erasure: the right to request that we erase your Personal Data, subject to certain limitations; we may retain certain information as needed to comply with our legal obligations or permitted by applicable law;
• Right to restriction: the right to request that we restrict the Processing of your Personal Data in specific cases;
• Right to data portability: the right to request for your Personal Data in a structured, commonly used and machine-readable format, where technically feasible;
• Right to object: the right to object to our Processing of your Personal Data in specific cases; and/or
• Right to withdraw consent: the right to withdraw your consent to Processing, where applicable, without penalty; withdrawal of consent will not affect the lawfulness of Processing carried out before such withdrawal.

These rights may be limited in some circumstances by applicable law. We reserve the right to verify the identity of the individual submitting a request, and we may require additional information to confirm such identity. Any request may be subject to a reasonable fee as permitted by Data Protection Laws. Where we are unable to fulfil a request, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

To exercise your rights, please email us at privacy@ahrefs.com.

10. Changes

We reserve the right, at our sole discretion, to amend this Privacy Policy, in whole or in part, at any time without notice and with immediate effect. We encourage you to review this Privacy Policy periodically. Please check the last modified date at the top of the page. By continuing to use Firehose Services, you agree to the current version of this Privacy Policy.

11. Notice at Collection (for California Residents)

This section applies to California residents in addition to the rest of this Privacy Policy. This Notice at Collection supplements the foregoing by providing additional disclosures under the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (collectively the “CCPA”).

We do not “sell” or “share” Personal Information as defined by the CCPA. We do not have actual knowledge that we sell or share the Personal Information of California residents under 16 years of age.

Categories of Personal Information Collected, Used and Disclosed

Sensitive Personal Information

We only use your sensitive personal information for purposes referenced at Subsection 1798.121(a) of the CCPA, namely to perform the services or provide the goods reasonably expected by an average California resident who requests those goods or services, and we do not use sensitive personal information to infer characteristics about you.

CCPA Rights

As a California resident, you have the following rights under the CCPA:

• Right to know what personal information we have collected about you, including categories, sources, purposes, third parties, and specific pieces. You may exercise this right twice within a 12-month period.
• Right to delete personal information that we have collected from you, subject to certain exceptions.
• Right to correct inaccurate personal information that we maintain about you.
• Right to opt out of the sale or sharing of your personal information. We do not “sell” or “share” personal information as the CCPA defines these terms.
• Right to limit our use and disclosure of sensitive personal information. We do not use or disclose sensitive personal information for purposes other than those specified in Cal. Civil Code 1798.121(a).
• Right to non-discrimination for the exercise of privacy rights conferred by the CCPA.

How to Exercise CCPA Rights

Methods of Submission: To submit a request to exercise your rights to know, delete or correct, please email privacy@ahrefs.com.

Verification: Only you, or someone legally authorised to act on your behalf, may make a request related to your personal information. You may designate an authorised agent by taking the steps outlined under “Authorised Agent” further below. In your request or in response to us seeking additional information, you, or your authorised agent, must provide sufficient information to allow us to reasonably verify that you are, in fact, the person whose personal information was collected.

Opt-Out Preference Signals: We do not “sell” or “share” personal information or use or disclose “sensitive personal information” for purposes outside of those referenced at subsection 1798.121(a) of the CCPA and therefore do not process opt-out signals.

Authorised Agents: You can designate an authorised agent to make a request under the CCPA on your behalf if:

• The authorised agent is a natural person or a business entity and the agent provides proof that you gave the agent signed permission to submit the request; and
• You directly confirm with the Company that you provided the authorised agent with permission to submit the request.

If you provide an authorised agent with power of attorney pursuant to Probate Code sections 4121 to 4130, it may not be necessary to perform these steps and we will respond to any request from such authorised agent in accordance with the CCPA.

12. Contact Us

If you have any questions or comments about this Privacy Policy or our practices, please contact us at: