Get Started

Privacy policy

Privacy Policy

Privacy Policy

Last updated: 30 April 2026

1. Your Privacy

AI Search Ltd is committed to protecting your personal data and being transparent about how we collect and use it. This policy explains what data we collect, why we collect it, how we store it and what your rights are under applicable UK data protection law, including the UK GDPR and the Data Protection Act 2018.

The personal data we may collect includes:

• Usage and behavioural data from your interactions with our website
• First name and last name
• Email address
• Phone number
• Company name and job title
• IP address
• Any other information you provide voluntarily through our forms or correspondence

We use this data to:

• Deliver and improve our services
• Respond to enquiries and manage client relationships
• Communicate relevant updates, content and offers where you have given consent or we have a legitimate interest in doing so
• Analyse website usage to improve the user experience
• Meet our legal and contractual obligations

If we collect any data not described here, we will make this clear at the point of collection. AI Search Ltd is not responsible for personal data submitted by users about third parties.

2. How and Where Your Data Is Stored

We store and process your data in accordance with the UK GDPR and take appropriate technical and organisational measures to protect it against unauthorised access, loss or disclosure.

Your data is held on secure servers operated by our designated data processors. Where data is accessed by our team members, appropriate access controls are in place. Some of our cloud-based tools may store data on servers outside the UK; where this is the case, we ensure adequate safeguards are in place in line with UK data transfer rules.

3. Keeping Your Data Safe

We take data security seriously and train all team members in data handling best practice. However, no transmission of data over the internet can be guaranteed as entirely secure. Any data submitted to us is done so at the sender’s own risk.

All payments processed through our website or payment systems are encrypted and handled by our authorised payment processors. We do not store payment card details.

4. Your Data and Legal Obligations

In certain circumstances, we may be legally required to disclose your personal data to regulatory bodies, law enforcement or public authorities. We will comply with any such obligation while taking reasonable steps to protect your interests where the law permits.

5. Your Rights

Under UK data protection law, you have the following rights in relation to your personal data:

• The right to access the data we hold about you
• The right to request correction of inaccurate data
• The right to request erasure of your data (the right to be forgotten)
• The right to restrict or object to processing
• The right to data portability
• The right to withdraw consent at any time, where processing is based on consent

To exercise any of these rights, please contact us at privacy@searchai.co.uk. We will respond to all valid requests within one calendar month.

6. Links to Third-Party Websites

Our website may contain links to third-party sites. This privacy policy applies only to searchai.co.uk. We are not responsible for the privacy practices of any external websites and encourage you to review their policies separately before submitting any personal data.

7. Changes to This Policy

We reserve the right to update this privacy policy at any time. Changes will be published on this page with an updated revision date. We recommend checking this page periodically. Continued use of our website following any changes constitutes acceptance of the revised policy.

GDPR Data and Information Policy

AI Search Ltd is committed to transparency in how we collect, hold and use personal data. The following sets out our detailed data governance practices.

8. Data We Hold

Client Data

For clients engaged on a managed service retainer, we hold the following information necessary to deliver our work:

• Contact details: names, email addresses, phone numbers and business addresses
• Website and platform access credentials, where provided by the client for campaign delivery
• Access to relevant advertising, analytics and social accounts, where provided
• Business information relevant to the delivery of GEO and AI search optimisation services

This information is gathered during the client onboarding process. It is stored within our designated cloud platforms: our CRM (HubSpot), project management tools and secure shared drives. Access is restricted to team members directly involved in delivering or administering the account.

Leads and Contacts

Where you request information about our services, submit an enquiry, download a resource or engage with our outbound sales process, we may retain some or all of the following:

• Name
• Email address
• Phone number, if provided
• Company name, size and relevant business information
• Notes from sales conversations, where relevant

This data is collected through our website contact and enquiry forms, inbound calls and our outbound prospecting process using licensed data sources. Lead and contact data is accessible to members of our sales and marketing teams.

9. Legal Basis for Processing

The legal basis on which we process personal data depends on the context:

• Client data is processed on the basis of Contract, as it is necessary to deliver the services agreed
• Lead and contact data collected through inbound enquiries is processed on the basis of Consent
• Lead and contact data used for outbound prospecting is processed on the basis of Legitimate Interest, where we have carried out a Legitimate Interest Assessment in accordance with ICO guidance

Where we rely on legitimate interest, individuals retain the right to object to processing at any time. Objections should be sent to privacy@searchai.co.uk and will be acted upon promptly.

10. Data Consent

All data capture forms on our website make clear how submitted data will be used and by whom. Consent can be withdrawn at any time by contacting us directly or using the unsubscribe link in any email communication we send.

We will not pass your data to third parties for their own marketing purposes without your explicit consent.

11. Data Retention and Disposal

We retain personal data only for as long as is necessary to fulfil the purpose for which it was collected or to meet our legal obligations.

Individuals have the right to request erasure of their data at any time. Upon a valid request, we will remove all records held, including:

• CRM records in HubSpot
• Campaign documents and associated files
• Email marketing records
• Any other records held in our designated systems

Requests for erasure should be sent to privacy@searchai.co.uk. We will confirm completion within one calendar month.

12. Information Security

All team members at AI Search Ltd are required to comply with the following security standards:

• Personal data must not be stored on personal devices or outside designated cloud applications
• Passwords must be changed regularly and must meet minimum complexity requirements
• Two-factor authentication must be enabled on all systems holding personal data
• Data should only be collected and retained to the extent necessary to carry out the work required

Our designated cloud applications are the only authorised locations for storing client or contact data. Local storage of personal data on personal or work devices is not permitted.

13. Risk Assessment and Mitigation

Risk: Unauthorised access to staff systems or accounts
Impact: Personal data of clients or contacts could be accessed, leaked or exploited.
Mitigation: All cloud systems require password protection and two-factor authentication. Access is granted on a least-privilege basis and reviewed regularly.

Risk: Data loss on staff departure
Impact: Client or contact data could be retained or misused after a team member leaves.
Mitigation: An offboarding process is in place that revokes all system access promptly upon departure.

14. Training

All AI Search Ltd team members receive training covering:

• Password and account security
• Data handling procedures, including permitted storage methods and categories of data that must never be retained unnecessarily
• Device security and remote working requirements
• Responsibilities under UK GDPR

15. Breach Notification

A data breach includes any event involving the destruction, loss, alteration or unauthorised access to personal data.

Any team member who suspects a breach has occurred must notify the Data Protection Lead immediately. Following notification, AI Search Ltd will:

• Assess the scope and impact of the breach
• Notify affected individuals and the ICO where required under UK GDPR
• Investigate the root cause
• Implement remedial measures to prevent recurrence

16. Right of Access

Individuals may request access to their personal data at any time. All such requests should be directed to privacy@searchai.co.uk. Upon receipt, we will:

• Confirm what data we are processing and on what basis
• Provide a copy of the relevant data held across our systems

All subject access requests will be responded to within one calendar month.

17. Data Processor Contracts

AI Search Ltd maintains written data processing agreements with all third-party providers that process personal data on our behalf, in accordance with Article 28 of the UK GDPR.

These agreements set out the scope, nature and purpose of processing, and the obligations of each party.

Data Protection Impact Assessments are conducted whenever a new tool or system is introduced into our workflow that involves the processing of personal data.

18. Contact

All data-related enquiries, requests or concerns should be directed to:

AI Search Ltd
Data Protection Lead
privacy@searchai.co.uk
searchai.co.uk

AI Search Ltd is a company registered in England and Wales.

© 2026 AI Search Ltd. All rights reserved.