Last updated: 12 May 2026
1. Introduction
This Privacy Policy explains how GEO Jetpack (“we”, “us”, “our”) collects, uses, stores and protects your personal data when you visit our website at geojetpack.ai, use our application at app.geojetpack.ai, or otherwise interact with our services (collectively, the “Service”).
We are committed to protecting your privacy and handling your personal data transparently and in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (EU GDPR).
By using the Service, you agree to the collection and use of information in accordance with this policy.
2. Who We Are
GEO Jetpack is operated by Binary Bear Limited, a company registered in England and Wales with company number 10227311 and registered office at Sussex Innovation Centre, Science Park Square, Falmer BN1 9SB.
For the purposes of UK GDPR, we are the data controller of personal data you provide to us through the Service.
You can contact us at:
- Email: privacy@geojetpack.ai
- Post: Sussex Innovation Centre, Science Park Square, Falmer BN1 9SB.
3. Information We Collect
3.1 Information you provide to us
We collect personal data you provide directly when you use the Service or interact with us, including:
- Account data: name, email address, password (stored as a hash), company name, job title
- Billing data: billing address, VAT number, and payment details (processed by our payment provider — we do not store full card numbers)
- Campaign data: brand names, URLs, prompts, competitor names, and other information you input when setting up audits or campaigns
- Communications: messages, support tickets, demo requests, survey responses, and any other content you send us
- Form submissions: information you provide via contact forms, lead generation forms (including on platforms such as LinkedIn), or demo booking forms
3.2 Information collected automatically
When you use the Service, we automatically collect:
- Usage data: pages visited, features used, time spent, click paths, session timestamps
- Device data: IP address, browser type and version, operating system, device identifiers, screen resolution, language settings
- Cookies and similar technologies: see Section 5 below
3.3 Information from third parties
We may receive personal data from:
- Authentication providers (Clerk) when you sign in to the Service
- Payment providers (Stripe) when you make a purchase
- Analytics and advertising platforms in aggregated or pseudonymised form
- Lead generation platforms (e.g. LinkedIn Lead Gen Forms) when you submit a form expressing interest in our Service
- Publicly available sources such as company websites, where relevant to a B2B relationship
4. How We Use Your Information
We process your personal data for the following purposes and on the following lawful bases under UK GDPR:
| Purpose | Lawful basis |
|---|---|
| Providing the Service (account creation, running audits, generating reports) | Performance of a contract |
| Processing payments and managing subscriptions | Performance of a contract |
| Responding to enquiries, demo requests, and support tickets | Legitimate interests / Performance of a contract |
| Sending service communications (account notifications, security alerts, product updates) | Performance of a contract / Legitimate interests |
| Sending marketing communications | Consent (where required) / Legitimate interests (existing customers, similar services) |
| Improving and developing the Service (analytics, debugging, product research) | Legitimate interests |
| Preventing fraud, abuse, and security incidents | Legitimate interests / Legal obligation |
| Complying with legal, tax, and accounting obligations | Legal obligation |
Our legitimate interests include running, growing, and securing our business, understanding how our customers use the Service, and protecting the Service and our users from harm.
5. Cookies and Tracking Technologies
Our website and application use cookies and similar technologies (such as pixels and local storage) to recognise you, remember your preferences, analyse usage, and — where you consent — measure and deliver relevant advertising.
We use the following categories of cookies:
- Strictly necessary cookies — required for the Service to function (e.g. authentication, security, load balancing). These do not require consent.
- Analytics cookies — help us understand how visitors use our website (e.g. Google Analytics).
- Marketing cookies — used to measure advertising performance and deliver relevant ads (e.g. LinkedIn Insight Tag, Google Ads conversion tags).
When you first visit our website, our cookie banner allows you to accept or reject non-essential cookies. You can change your preferences at any time via the cookie settings link in our website footer.
You can also control cookies through your browser settings. Note that disabling some cookies may affect site functionality.
6. How We Share Your Information
We do not sell your personal data. We share it only with:
6.1 Service providers (sub-processors)
We rely on trusted third parties to operate the Service. Each is bound by a data processing agreement requiring appropriate security and confidentiality measures. Our current sub-processors include:
- Clerk — authentication and user management
- Railway — application hosting and database
- Vercel — frontend hosting
- Stripe — payment processing
- OpenAI, Anthropic, Google, Perplexity — large language model APIs used to run brand visibility audits
- Google (NLP API, Knowledge Graph API) — entity extraction and enrichment
- DataForSEO — SEO data provider
- ScraperAPI, Browserless.io — web fetching infrastructure used to retrieve publicly available web pages for analysis
- Google Analytics — website analytics
A current list of sub-processors is available on request.
6.2 Professional advisers
Lawyers, accountants, auditors and insurers, where necessary and under duties of confidentiality.
6.3 Legal and regulatory bodies
Where required by law, court order, or to protect our rights, property, or safety, or those of others.
6.4 Business transfers
In the event of a merger, acquisition, sale of assets, or insolvency, your personal data may be transferred to a successor entity, subject to the same protections set out in this policy.
7. International Data Transfers
Some of our service providers are based outside the UK and the European Economic Area (EEA), including in the United States. Where we transfer personal data outside the UK or EEA, we put in place appropriate safeguards, including:
- Transfers to countries deemed adequate by the UK government or European Commission
- Standard Contractual Clauses (SCCs) supplemented by the UK International Data Transfer Addendum (or the UK IDTA) where applicable
- Additional technical and organisational measures where required
You can request a copy of the safeguards in place by contacting us at privacy@geojetpack.ai.
8. Data Retention
We keep your personal data only for as long as necessary for the purposes for which it was collected:
- Account data: for the duration of your account, plus up to 12 months after closure
- Campaign and audit data: for the duration of your account, plus up to 12 months after closure
- Billing records: at least 6 years to meet UK accounting and tax obligations
- Marketing data: until you withdraw consent or object
- Support communications: up to 3 years after the last interaction
- Website analytics data: up to 26 months
When data is no longer needed, we securely delete or anonymise it.
9. Data Security
We use appropriate technical and organisational measures to protect your personal data, including:
- Encryption in transit (TLS) and at rest
- Access controls and authentication safeguards
- Regular review of security practices and third-party providers
- Logical separation of customer environments where appropriate
No system is completely secure, but we work hard to minimise risk and respond promptly to any incident. If we become aware of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours and affected individuals where required by law.
10. Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — ask us to correct inaccurate or incomplete data
- Right to erasure — ask us to delete your personal data (“right to be forgotten”)
- Right to restriction — ask us to limit how we process your data
- Right to data portability — request your data in a structured, commonly used, machine-readable format
- Right to object — object to processing based on legitimate interests, or to direct marketing
- Right to withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing
- Automated decision-making — we do not currently carry out solely automated decisions that produce legal or similarly significant effects on individuals
To exercise any of these rights, email privacy@geojetpack.ai. We will respond within one month, though this may be extended by a further two months for complex requests (we will let you know if so).
You also have the right to complain to the Information Commissioner’s Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
11. Marketing Communications
We may send you marketing emails about GEO Jetpack and related services where you have consented or where we have a legitimate interest (for example, you are an existing customer and the marketing relates to similar products or services).
You can unsubscribe at any time by clicking the unsubscribe link in any marketing email, by adjusting your communication preferences in your account, or by emailing privacy@geojetpack.ai.
12. Children’s Privacy
The Service is intended for business users and is not directed at, or intended for, individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it.
13. Third-Party Websites
Our website and application may contain links to third-party websites and services. We are not responsible for the privacy practices or content of those sites. Please review their privacy policies before providing them with any personal data.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. We will post the updated version on this page and update the “Last updated” date at the top. Where changes are material, we will notify you by email or through the Service before the changes take effect.
15. Contact Us
If you have any questions, requests, or complaints about this Privacy Policy or our handling of your personal data, please contact us:
Post: GEOJetpack t/a Binary Bear Limited, Sussex Innovation Centre, Science Park Square, Falmer BN1 9SB.
Email: privacy@geojetpack.ai
