Privacy Policy

AiReachly Inc. is the data controller for personal data collected through aireachly.com and related services. Our data protection contact is privacy@aireachly.com. We keep our obligation to appoint a formal Data Protection Officer (Art. 37 GDPR) under ongoing review.

• Identity & Account Data — name, email address, and encrypted password provided on registration.
• Usage & Behavioural Data — pages visited, features used, AI ranking queries, session duration, and click paths, collected automatically.
• Technical Data — IP address, browser type, operating system, device identifiers, and referral URLs.
• Communications — messages you send us, including support requests.
• Payment Data — billing name, address, and card details processed by Stripe (PCI-DSS compliant). We do not store full card numbers.
• AI Interaction Data — queries submitted to our ranking engine, logged in anonymised or pseudonymised form to improve accuracy.

• Performance of a Contract (Art. 6(1)(b)) — processing necessary to provide the services you registered for, including account management, AI rankings, and billing.
• Legitimate Interests (Art. 6(1)(f)) — security monitoring, fraud prevention, and product analytics, where our interests are not overridden by your fundamental rights.
• Consent (Art. 6(1)(a)) — marketing communications and non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Legal Obligation (Art. 6(1)(c)) — where retention or disclosure is required under Irish or EU law.

• Provide, operate, and maintain the AiReachly platform and AI-powered ranking features.
• Manage your account, process payments, and send transactional communications.
• Send product updates and, where opted in, marketing communications.
• Analyse usage patterns to improve performance, reliability, and user experience.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with legal and regulatory obligations under Irish and EU law.

• Service Providers — trusted processors (cloud hosting, analytics, email delivery, payment processing) operating under GDPR-compliant Data Processing Agreements.
• AI Model Partners — aggregated, anonymised query data may be shared with model providers (OpenAI, Anthropic, Google, Perplexity) for ranking accuracy. No personally identifiable data is transferred.
• Legal Disclosures — data may be disclosed to Irish or EU authorities where required by law or court order.
• Business Transfers — in a merger or acquisition, data may transfer to a successor entity subject to equivalent protections.
• We do not sell personal data. We do not use personal data for profiling or solely automated decision-making with legal effects (Art. 22 GDPR).

Some service providers operate outside the European Economic Area. International transfers rely on the European Commission's Standard Contractual Clauses (SCCs) or other approved mechanisms under Chapter V GDPR. A list of countries where our processors operate is available on request.

Account data is retained for the duration of the account plus 12 months following deletion, then securely purged. Anonymised analytics data may be retained indefinitely. Financial records are retained for seven years as required by Irish tax law. Retention schedules are reviewed annually.

• Right of Access (Art. 15) — obtain a copy of personal data we hold about you.
• Right to Rectification (Art. 16) — request correction of inaccurate or incomplete data.
• Right to Erasure (Art. 17) — request deletion of your data in certain circumstances.
• Right to Restrict Processing (Art. 18) — request we limit processing while a dispute is resolved.
• Right to Data Portability (Art. 20) — receive your data in a structured, machine-readable format.
• Right to Object (Art. 21) — object to processing based on legitimate interests or for direct marketing.
• To exercise any right, email privacy@aireachly.com. We will respond within one calendar month (Art. 12 GDPR). You also have the right to lodge a complaint with the Data Protection Commission (DPC), 21–25 Canal Road, Dublin 6 — www.dataprotection.ie.

We use cookies in compliance with the ePrivacy Regulations (S.I. No. 336 of 2011) and EU Directive 2002/58/EC as amended. Essential cookies (authentication, security) operate without consent. Non-essential cookies (analytics, preferences) are set only with your prior opt-in via our cookie preference centre. You may withdraw cookie consent at any time through your browser settings or our preference centre.

We apply appropriate technical and organisational measures including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, and periodic security reviews. In the event of a personal data breach posing risk to your rights and freedoms, we will notify the DPC within 72 hours and, where required, inform affected individuals without undue delay (Arts. 33–34 GDPR).

AiReachly is not directed at persons under 16. We do not knowingly collect personal data from children. Contact privacy@aireachly.com if you believe a child has provided data to us.

We may update this Policy to reflect changes in law or our practices. Material changes will be communicated via the platform or email. The "Last Updated" date above reflects the current version. Continued use after the effective date constitutes acknowledgment of the updated Policy.

Data controller contact: privacy@aireachly.com. Supervisory authority: Data Protection Commission, 21–25 Canal Road, Dublin 6, D06 F46A, Ireland — www.dataprotection.ie — +353 (0)57 868 4800.