1. Introduction
Aether Agency ("we", "us", "our") operates the Aether GEO platform ("the Service"). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Service. We are committed to ensuring your privacy is protected in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data We Collect
We collect the following categories of personal data:
- Account information: Name, email address, and organisation name when you create an account.
- Usage data: Pages visited, features used, articles generated, and performance metrics.
- Content data: Articles, keywords, and other content you create or generate through the Service.
- Technical data: Browser type, device information, IP address, and cookies.
- Integration data: CMS connection details and publishing preferences.
3. How We Use Your Data
We use your personal data for the following purposes:
- To provide and maintain the Service, including article generation and analytics.
- To authenticate your identity and manage your account.
- To personalise your experience, including keyword suggestions and content recommendations.
- To communicate important updates, security notices, and product changes.
- To improve the Service through aggregated, anonymised usage analytics.
- To comply with legal obligations and enforce our Terms & Conditions.
4. Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract: Processing necessary to provide the Service you have subscribed to.
- Legitimate interests: To improve our Service, prevent fraud, and ensure security.
- Consent: For optional communications and non-essential cookies.
- Legal obligation: To comply with applicable laws and regulations.
5. Third-Party Services
We use trusted third-party services to deliver the Service. Your data may be processed by:
- Supabase: Authentication, database, and storage (hosted in the EU).
- AI providers (e.g. Anthropic, OpenAI, Perplexity): Content generation and analysis. Only the data necessary for content generation is shared.
- Netlify: Hosting and deployment.
- Stripe: Payment processing (we do not store your payment card details).
We do not sell your personal data to any third party.
6. Data Retention
- Account data is retained for the duration of your subscription plus 30 days after deletion.
- Generated content is retained until you delete it or your account is terminated.
- Usage analytics are retained in anonymised, aggregated form indefinitely.
- You may request deletion of your data at any time by contacting us.
7. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including: encryption in transit (TLS) and at rest, role-based access controls, regular security reviews, and secure authentication via Supabase Auth. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
8. Your Rights
Under UK GDPR, you have the following rights:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete data.
- Right to erasure: Request deletion of your personal data.
- Right to restrict processing: Request limitation of how we use your data.
- Right to data portability: Request your data in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests.
To exercise any of these rights, contact us at hello@aether-agency.co.uk. We will respond within 30 days.
9. Cookies
We use cookies for the following purposes:
- Essential cookies: Required for authentication and core functionality. These cannot be disabled.
- Analytics cookies: Help us understand how you use the Service. These are optional and can be declined.
You can manage your cookie preferences at any time through the cookie consent banner.
10. International Transfers
Some of our third-party providers may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent measures approved by the UK Information Commissioner's Office (ICO).
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the Service. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.
12. Contact & Complaints
If you have questions about this Privacy Policy or wish to make a complaint, contact us at hello@aether-agency.co.uk.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.