Privacy Policy — NeuralAdX Ltd

Effective date: March 9th 2025
Last updated: 26th December 2025

NeuralAdX Ltd (“NeuralAdX”, “we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect personal data when you interact with us, use our website, or purchase our services.

This Privacy Policy is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (Data Controller)

NeuralAdX Ltd is the data controller responsible for your personal data.

• Company name: NeuralAdX Ltd

• Website: https://neuraladx.com

• Email: [email protected]

• Jurisdiction: United Kingdom

If you have any questions about this Privacy Policy or how we handle your data, you can contact us using the details above.

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Information you provide directly

• Name

• Email address

• Telephone number

• Company name

• Job title

• Billing and invoicing details

• Information you submit via contact forms, onboarding forms, proposals, or email correspondence

2.2 Information collected automatically

When you visit our website, we may automatically collect:

• IP address

• Device type, browser type, operating system

• Pages visited and navigation paths

• Referral source

• Date and time of access

This data is collected via cookies and similar technologies (see our Cookie Policy).

2.3 Client and service-related data

If you become a client, we may also process:

• Website URLs

• Analytics access data

• AI citation metrics and performance data

• Content, metadata, and technical information you authorise us to review or process

3. What We Do NOT Collect

We do not intentionally collect:

• Special category data (e.g. health, religion, ethnicity)

• Criminal offence data

• Payment card details (handled by third-party payment processors)

If such data is accidentally provided, it will be deleted unless required for legal reasons.

4. How We Use Your Personal Data (Lawful Bases)

Under UK GDPR, we must have a lawful basis to process personal data. We rely on the following:

4.1 Contractual necessity

To:

• Provide Generative Engine Optimisation (GEO) services

• Fulfil proposals, onboarding, reporting, and support

• Administer subscriptions and billing

4.2 Legitimate interests

To:

• Operate and improve our website

• Communicate with business contacts

• Protect our business from fraud, misuse, or legal claims

• Measure service performance and effectiveness

We balance our legitimate interests against your rights and freedoms.

4.3 Legal obligation

To:

• Comply with tax, accounting, and regulatory requirements

• Respond to lawful requests from authorities

4.4 Consent (where required)

For:

• Non-essential cookies

• Marketing communications to individuals (where consent is required by law)

You may withdraw consent at any time.

5. How We Share Personal Data

We do not sell your personal data.

We may share data only with trusted third parties where necessary, including:

• Hosting and infrastructure providers

• Analytics and performance tools

• AI citation tracking platforms (e.g. Otterly.ai)

• Payment processors and accounting software

• Email and CRM systems

• Professional advisers (legal, accounting, compliance)

All third parties are required to process data securely and lawfully.

6. International Data Transfers

Some third-party providers may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as:

• UK GDPR adequacy regulations

• Standard Contractual Clauses (SCCs)

• Equivalent lawful transfer mechanisms

7. Data Retention

We retain personal data only for as long as necessary:

• Enquiry data: typically up to 12 months

• Client data: for the duration of the contract and up to 6 years thereafter (for legal and tax purposes)

• Marketing data: until you opt out or withdraw consent

When data is no longer required, it is securely deleted or anonymised.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

• Access controls

• Secure hosting environments

• Encryption where appropriate

• Limited internal access on a need-to-know basis

No system is completely secure, but we take reasonable steps to protect your information.

9. Your Rights Under UK GDPR

You have the following rights:

• Right to access your personal data

• Right to rectification

• Right to erasure (where applicable)

• Right to restrict processing

• Right to data portability

• Right to object to processing

• Right to withdraw consent

To exercise your rights, contact: [email protected]

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.

11. Marketing Communications

We may send marketing communications where permitted by law.

You can opt out at any time by:

• Clicking “unsubscribe” in emails

• Contacting us directly

We do not send unsolicited marketing in breach of PECR rules.

12. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for their privacy practices. Please review their policies separately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes.

The latest version will always be available on our website. Continued use of our services constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or how we handle personal data, please contact:

NeuralAdX Ltd
Email: [email protected]
Website: https://neuraladx.com