1. Who we are and who controls your information
WhiteSERP is a founder-led ecommerce SEO agency operated by Nafil MP, also known as Nafil Shareef. For personal information collected through this website or directly for WhiteSERP’s own business purposes, WhiteSERP generally acts as the organisation deciding why and how that information is used.
Website: https://whiteserp.com/
Privacy and general enquiries: WhiteSERP contact page
WhatsApp: +91 90374 23769
Founder profile: Nafil Shareef on LinkedIn
Before publishing: add the correct legal entity name, registered business address and dedicated privacy email if WhiteSERP operates through a registered company or uses different official contact details.
2. Scope of this Privacy Policy
This policy applies to personal information processed through:
- the WhiteSERP website and its pages;
- the SEO price calculator and other interactive tools;
- contact, enquiry and privacy-request forms;
- WhatsApp, LinkedIn, email, calls and other business communications;
- proposals, contracts, onboarding, service delivery, reporting and billing;
- website analytics, security, logs and consent-management technologies; and
- business-to-business prospect, partner and supplier relationships.
Third-party websites and services have their own privacy practices. This policy does not control how WhatsApp, LinkedIn, Google, hosting providers, payment providers or other independent organisations process information for their own purposes.
3. Information we may collect
Information you provide directly
- name, business name, role and professional contact details;
- email address, telephone or WhatsApp number and preferred communication method;
- website URL, ecommerce platform, markets, services requested and budget range;
- priority categories, products, business goals, internal resources and website concerns;
- messages, files, feedback, meeting notes and other communication content;
- contract, billing, transaction and service-administration information; and
- privacy requests and information needed to verify or respond to them.
Information collected through website use
- IP address, device type, browser, operating system and approximate location derived from technical data;
- referring page, pages viewed, actions taken, timestamps and error information;
- cookie, consent and preference information;
- analytics, performance, security and anti-abuse signals; and
- calculator selections or form entries stored temporarily in the browser while the tool is being used.
Information received from other sources
- public business websites, professional profiles and company directories;
- referrals from clients, partners or professional contacts;
- analytics, advertising, hosting, security or communications providers; and
- information supplied by an authorised colleague or representative of your organisation.
Do not submit sensitive credentials. Do not place passwords, payment-card data, private keys, full government identification documents, medical information or confidential third-party data inside ordinary website or WhatsApp enquiry forms.
4. SEO calculator, contact forms and WhatsApp
The WhiteSERP SEO calculator is designed to provide an estimated scope and price without requiring an account or email address. Calculator selections are processed in the visitor’s browser to update the estimate.
When a visitor chooses to share an estimate or submit the current contact form, the website prepares a WhatsApp message containing the selected or entered information. WhatsApp opens with that message ready for the visitor to review and send. The message is not sent automatically.
After a visitor sends the message, WhatsApp and its related companies process the communication under their own terms and privacy policies. WhiteSERP receives and uses the message to respond to the enquiry, evaluate engagement fit and maintain an appropriate business record.
If WhiteSERP later connects a form to WordPress, a CRM, email platform, spreadsheet, automation service or form processor, this policy and the form notice should be updated to identify the actual processing arrangement.
5. How WhiteSERP may use personal information
| Purpose | Examples of information | Why it is used |
| Responding to enquiries | Name, contact details, website and message | To understand the request, answer questions and recommend a suitable next step. |
| Preparing proposals and contracts | Business requirements, scope, pricing and responsible contacts | To take steps requested before a contract and document an agreed engagement. |
| Delivering SEO services | Website access, analytics, content, product and business information | To perform audits, research, implementation guidance, reporting and agreed services. |
| Operating the website | Device, usage, logs and technical events | To provide website functionality, investigate errors and maintain reliability. |
| Analytics and improvement | Page views, actions, referrals and aggregated trends | To understand website performance and improve content, tools and user experience. |
| Security and abuse prevention | IP addresses, logs and suspicious activity | To protect accounts, websites, systems, users and business information. |
| Business administration | Contracts, invoices, payments and communications | To maintain financial, tax, legal, service and operational records. |
| Marketing communications | Professional contact details and communication preferences | To send relevant updates where consent or another lawful basis allows it. |
| Legal and regulatory matters | Records relevant to a dispute, request or legal obligation | To exercise rights, respond to lawful requests and comply with applicable requirements. |
6. Lawful bases and permission to process information
The legal basis depends on the information, relationship, purpose and law that applies. WhiteSERP may rely on:
- consent, such as for non-essential cookies or optional marketing where required;
- steps requested before entering a contract, such as reviewing an enquiry or preparing a proposal;
- performance of a contract, such as delivering agreed SEO services;
- legitimate interests, such as operating the business, improving services, maintaining appropriate records, preventing fraud and communicating with professional contacts, where those interests are not overridden by individual rights;
- legal obligations, including tax, accounting, regulatory and lawful disclosure duties; and
- establishing, exercising or defending legal claims, where applicable.
Where applicable Indian data-protection requirements use consent, legitimate uses or other defined grounds, WhiteSERP will assess the appropriate basis and provide notices or choices required for that processing.
7. Cookies, analytics and similar technologies
Cookies and related technologies may store or read information in a browser or device. Depending on the website’s actual configuration, WhiteSERP may use the following categories:
- strictly necessary technologies for security, page functionality, consent choices and essential operations;
- preference technologies that remember selected settings;
- analytics technologies that help measure visits, page use, errors and performance;
- experience tools such as aggregated heatmaps or session-interaction analysis, when enabled lawfully; and
- advertising or attribution technologies, only when actually configured and permitted.
Where required, non-essential technologies should remain disabled until the visitor provides valid consent. Visitors can use the website’s cookie banner or browser controls to accept, reject or manage available categories.
Implementation check: before publication, confirm the exact tools running on the live site—such as Google Analytics, Google Tag Manager, Microsoft Clarity, Hotjar, advertising pixels or embedded media—and ensure the cookie banner matches the real configuration.
8. When information may be shared
WhiteSERP may share personal information only where reasonably necessary with:
- hosting, website, security, analytics and technical service providers;
- communications, email, video meeting, WhatsApp and professional-network platforms;
- CRM, project-management, document, cloud-storage and collaboration providers;
- payment, accounting, tax and professional advisers;
- contractors or specialists supporting an agreed service, subject to appropriate confidentiality and access controls;
- government bodies, regulators, courts or law-enforcement authorities where legally required; and
- a buyer, successor or adviser involved in a legitimate business reorganisation, subject to appropriate protections.
WhiteSERP does not intentionally sell personal information for money. Certain analytics, advertising or embedded technologies may be defined as “sharing” under some privacy laws depending on their configuration. Where applicable, WhiteSERP will provide required notices and opt-out mechanisms.
9. International data transfers
WhiteSERP serves international businesses and may use service providers operating in different countries. This means information can be processed outside the country where it was collected.
Where applicable law restricts international transfers, WhiteSERP will use an available lawful mechanism, contractual protection, adequacy decision or other safeguard appropriate to the transfer. No transfer mechanism can eliminate every security or legal risk, but reasonable safeguards will be considered based on the information and service involved.
10. How long information is retained
WhiteSERP aims to retain personal information only for as long as reasonably necessary for the purpose collected, including legal, contractual, tax, accounting, security and dispute-resolution needs.
Typical factors used to decide retention include:
- whether an enquiry becomes a client relationship;
- the duration of the contract and support period;
- legal limitation and financial record-keeping periods;
- the sensitivity and security risk of the information;
- whether the information is needed to prevent fraud or respond to a dispute; and
- whether the person has requested deletion or withdrawn consent.
Information may be deleted, anonymised, aggregated or securely archived when it is no longer needed for an active purpose.
11. Security
WhiteSERP uses reasonable organisational and technical measures intended to protect personal information against unauthorised access, alteration, disclosure, loss or misuse. Measures may include access limitation, secure credentials, encryption provided by platforms, software updates, backups, confidentiality requirements and security monitoring.
No website, cloud service, messaging platform or internet transmission can be guaranteed completely secure. Visitors should use trusted devices and networks and should never send passwords or highly sensitive credentials through ordinary forms or WhatsApp.
If WhiteSERP becomes aware of a qualifying personal-data breach, it will assess the incident and make notifications required by applicable law.
12. Marketing communications
WhiteSERP may send service updates, relevant business communications or marketing messages when permitted by law. You can ask WhiteSERP to stop marketing communications at any time.
Stopping marketing does not prevent necessary service, contractual, security, billing or legal communications. Third-party platforms may maintain their own communication and advertising preferences.
13. Children’s privacy
WhiteSERP provides business and professional services and is not designed for children. WhiteSERP does not knowingly seek personal information from children through the website.
A parent or guardian who believes a child submitted personal information can contact WhiteSERP so the situation can be reviewed and appropriate action taken.
14. Third-party links, tools and embedded services
The website may link to or embed services operated by other organisations, including WhatsApp, LinkedIn, Google, video-hosting, analytics and social platforms. Those organisations may collect information directly and operate under their own privacy notices.
WhiteSERP is not responsible for independent third-party privacy practices. Review the relevant third-party notice before submitting information or changing your privacy settings.
15. Changes to this Privacy Policy
WhiteSERP may update this policy when services, tools, vendors, legal requirements or business practices change. The “Last updated” date will be revised when material changes are published.
Where required, additional notice or consent will be provided for a material new use of personal information.
16. Contacting WhiteSERP about privacy
Privacy enquiries and requests can be submitted through the privacy request tool below, the contact page or WhatsApp.
WhiteSERP may request reasonable information to verify identity, authority or the relevant interaction before disclosing, changing or deleting personal information. Only information necessary for verification should be provided through an appropriate method.
Depending on your location, you may also have the right to complain to the data-protection or privacy authority responsible for your jurisdiction.