Privacy Policy

1. Introduction

1.1 About This Policy

This Privacy Policy explains how Search Intelligence Ltd ("Company", "We", "Us", "Our") collects, uses, discloses, and protects personal data when You use the Search Intelligence AI platform ("Platform"). This Policy applies to all users of the Platform, including visitors, registered users, and subscribers.

1.2 Data Controller

The data controller responsible for Your personal data is:

Search Intelligence Ltd is solely responsible for the operation of the Platform and for all processing of User personal data. AI Search Labs Ltd is not involved in the provision of the Services or the processing of personal data.

1.3 Software Owner

The Platform software is owned by AI Search Labs Ltd (Company No. 16719803), with its registered office at Windrush House, Windrush Park Road, Witney, England, OX29 7DX.

Important: AI Search Labs Ltd does not act as a data controller or data processor in relation to User personal data and does not access, host, store, or process personal data. All personal data processed through the Platform is handled exclusively by Search Intelligence Ltd as the sole Data Controller.

1.4 Legal Framework

We process personal data in accordance with:

• The UK General Data Protection Regulation (UK GDPR)
• The Data Protection Act 2018
• The Privacy and Electronic Communications Regulations 2003 (PECR)
• Other applicable data protection laws and regulations

2. Data We Collect

2.1 Account Information

When You register for an account, We collect:

• Full name
• Email address
• Password (stored in encrypted/hashed form)
• Company/organisation name (if provided)
• Billing address
• Phone number (if provided)

2.2 Payment Information

When You subscribe to a paid plan, We collect:

• Payment card details (processed securely via third-party payment processors)
• Billing address
• Transaction history
• Subscription plan details

Note: Full payment card numbers are NOT stored on Our servers. Payment processing is handled by PCI-DSS compliant third-party providers (such as Stripe).

2.3 User-Generated Content

We collect data You provide through Your use of the Platform:

• Brand names and aliases You configure for tracking
• Website URLs and sitemap data
• Keywords and search queries You track
• Topics and prompts You create
• Content briefs and generated articles
• Team member information (names, emails)
• Any other content You upload or create

2.4 Technical and Usage Data

We automatically collect:

• IP addresses
• Browser type and version
• Device type and operating system
• Referring URLs
• Pages visited and features used
• Time spent on the Platform
• Click patterns and navigation paths
• Error logs and crash reports
• Session identifiers
• Timestamps of activities

2.5 Third-Party Data

The Platform processes data obtained from third-party sources:

• AI platform responses (ChatGPT, Claude, Gemini, Perplexity)
• Search engine ranking data (Google, Bing)
• SERP analysis data
• Website content from URLs You provide
• Publicly available business information

2.6 Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain Your session and authentication state
• Remember Your preferences and settings
• Analyse Platform usage and performance
• Enable certain Platform features

By using the Platform, You consent to Our use of cookies. You may configure Your browser to reject cookies, but this may impair Platform functionality.

3. How We Use Your Data

3.1 Lawful Bases for Processing

We process Your personal data under the following lawful bases:

Contract Performance:

• Providing access to the Platform and its features
• Processing subscriptions and payments
• Managing Your account
• Delivering customer support

Legitimate Interests:

• Improving and developing the Platform
• Analysing usage patterns and trends
• Preventing fraud and abuse
• Ensuring Platform security
• Marketing Our services to existing customers
• Enforcing Our terms and conditions

Legal Obligations:

• Complying with tax and accounting requirements
• Responding to lawful requests from authorities
• Maintaining required records

Consent:

• Sending marketing communications (where required)
• Using certain cookies and tracking technologies
• Processing special category data (if applicable)

3.2 Specific Processing Activities

We use Your data to:

• Create and manage Your user account
• Process payments and manage subscriptions
• Provide AI visibility tracking services
• Generate content briefs and AI-written articles
• Track SEO rankings and provide analytics
• Send service-related communications
• Provide customer support
• Detect and prevent fraud, abuse, and security incidents
• Improve Platform features and user experience
• Conduct research and analytics
• Comply with legal obligations

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with third-party service providers who assist in operating the Platform:

• Cloud Infrastructure: Hosting and storage providers
• Payment Processors: Stripe and other payment service providers
• AI Services: OpenAI (ChatGPT), Anthropic (Claude), Google (Gemini), Perplexity AI
• SEO Data Providers: DataForSEO and other ranking data providers
• Analytics: Web analytics and monitoring services
• Email Services: Transactional email providers
• Customer Support: Help desk and support tools

These providers process data on Our behalf and are contractually obligated to protect Your data.

Important: No User personal data is shared with AI Search Labs Ltd. AI Search Labs Ltd is the owner of the Platform software intellectual property only and does not receive, access, or process any User personal data.

4.2 AI Platform Data Sharing

4.3 Corporate Transactions

In the event of a merger, acquisition, reorganisation, bankruptcy, or sale of assets, Your personal data may be transferred as part of that transaction. We will notify You of any such change and any choices You may have regarding Your data.

4.4 Legal Requirements

We may disclose Your data if required by law or in response to:

• Court orders or legal process
• Requests from law enforcement or government authorities
• To protect Our rights, property, or safety
• To investigate potential violations of Our terms
• To prevent fraud or illegal activities

4.5 Aggregated and Anonymised Data

We may share aggregated or anonymised data that cannot reasonably be used to identify You for research, analysis, marketing, or other business purposes without restriction.

5. International Data Transfers

5.1 Transfers Outside the UK

Your personal data may be transferred to and processed in countries outside the United Kingdom, including the United States and other jurisdictions where Our service providers operate. These countries may have different data protection laws than the UK.

5.2 Safeguards

Where We transfer data outside the UK, We implement appropriate safeguards such as:

• Standard Contractual Clauses (SCCs) approved by the UK ICO
• Transfers to countries with adequate data protection (as determined by the UK)
• Other legally recognised transfer mechanisms

5.3 Your Consent to Transfers

By using the Platform, You explicitly consent to the transfer of Your personal data to countries outside the UK, including the United States, for processing by Our service providers.

6. Data Retention

6.1 Retention Periods

We retain personal data for as long as necessary to:

• Active accounts: For the duration of Your subscription plus 2 years after account closure
• Transaction records: 7 years (for tax and legal compliance)
• Marketing data: Until You unsubscribe or withdraw consent
• Analytics data: Up to 3 years in aggregated form
• Legal claims: Duration of any applicable limitation period

6.2 Deletion

When data is no longer required, We will securely delete or anonymise it. Some data may be retained in backup systems for a limited period before complete deletion.

7. Data Security

7.1 Security Measures

We implement technical and organisational measures designed to protect Your personal data, including:

• Encryption of data in transit (TLS/SSL)
• Encryption of data at rest
• Secure password hashing
• Access controls and authentication
• Regular security assessments
• Employee training on data protection
• Incident response procedures

7.2 No Absolute Security

7.3 Your Security Responsibilities

You are responsible for:

• Maintaining the confidentiality of Your account credentials
• Using strong, unique passwords
• Keeping Your devices and software secure
• Notifying Us immediately of any suspected security breach
• Not sharing Your account access with unauthorised persons

8. Limitation of Liability for Data Incidents

8.1 Third-Party Security Incidents

TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR ANY UNAUTHORISED ACCESS TO, LOSS, ALTERATION, OR DISCLOSURE OF YOUR DATA RESULTING FROM:

• Security breaches at third-party service providers, including cloud hosting providers, AI platforms, payment processors, or any other third parties
• Vulnerabilities in third-party software, APIs, or services
• Actions or omissions of third parties over whom We have no control
• Cyberattacks, hacking attempts, or malicious activities by third parties
• Failures of internet infrastructure or telecommunications providers

8.2 User-Caused Incidents

WE SHALL NOT BE LIABLE FOR ANY DATA INCIDENTS CAUSED BY:

• Your failure to maintain adequate security of Your account credentials
• Sharing Your account access with others
• Using weak or compromised passwords
• Phishing, social engineering, or other attacks exploiting Your actions
• Malware or security vulnerabilities on Your devices
• Your failure to implement recommended security practices

8.3 Force Majeure

We shall not be liable for data incidents resulting from circumstances beyond Our reasonable control, including but not limited to: acts of God, natural disasters, war, terrorism, riots, government actions, power failures, internet outages, or other force majeure events.

8.4 Limitation on Damages

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

• We shall NOT be liable for any indirect, incidental, special, consequential, or punitive damages arising from data incidents
• We shall NOT be liable for loss of profits, revenue, business, goodwill, or data
• Our total liability for all claims related to data protection shall not exceed the Subscription Fees paid by You in the twelve (12) months preceding the incident

8.5 Acknowledgement of Risk

By using the Platform, You acknowledge and accept that:

• No online service can guarantee complete data security
• You provide personal data at Your own risk
• You have made Your own assessment of the risks involved
• You accept the risk of potential data breaches
• You will not hold Us liable for incidents beyond Our reasonable control

8.6 Statutory Rights

Nothing in this Policy affects Your statutory rights under applicable data protection laws that cannot be excluded or limited by contract. We remain subject to mandatory obligations under the UK GDPR and Data Protection Act 2018, including the obligation to implement appropriate security measures and to notify relevant authorities of qualifying data breaches.

9. Your Rights

9.1 Data Subject Rights

Under the UK GDPR, You have the following rights:

• Right of Access: Request a copy of Your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of Your data in certain circumstances
• Right to Restrict Processing: Request limitation of processing in certain circumstances
• Right to Data Portability: Receive Your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Rights Related to Automated Decision-Making: Not be subject to solely automated decisions with legal effects

9.2 Exercising Your Rights

To exercise Your rights, contact Us at: [email protected]. We will respond within one month (extendable by two months for complex requests). We may require verification of Your identity before processing requests.

9.3 Limitations on Rights

Your rights are not absolute and may be limited by:

• Legal obligations requiring Us to retain data
• Legitimate interests that override Your request
• Ongoing contractual relationships
• Legal claims or defences
• The rights and freedoms of others

9.4 Right to Complain

You have the right to lodge a complaint with a supervisory authority. The relevant authority for the UK is:

10. Children's Privacy

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If We become aware that We have collected data from a child, We will take steps to delete it promptly. If You believe We have collected data from a child, please contact Us immediately.

11. Marketing Communications

11.1 Marketing Preferences

We may send You marketing communications about Our products and services. You can opt out at any time by:

• Clicking the unsubscribe link in any marketing email
• Updating Your preferences in Your account settings
• Contacting Us at [email protected]

11.2 Service Communications

We will continue to send essential service-related communications (such as account notifications, security alerts, and billing information) regardless of Your marketing preferences.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify You of material changes by posting the updated Policy on the Platform and/or by email. Your continued use of the Platform after changes constitutes acceptance of the revised Policy. We encourage You to review this Policy periodically.

13. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or Our data practices, please contact Us: