Privacy policy

1. Who we are (the controller)

HiGEO is a service operated by DT Global Ventures Ltd (registered in England and Wales, company number 16042336, VAT number GB480044905), registered office 3rd Floor, 86-90 Paul Street, London, EC2A 4NE, United Kingdom. For the personal data described in this policy, DT Global Ventures Ltd is the data controller. You can reach us about privacy at privacy@higeo.ai or by post at the address above.

2. The data we collect

a) Account data (data about you)

When you start a trial or create an account, we collect your email address and a password, which we store only as a securely hashed value (we never store your password in readable form). We record whether you have verified your email, your email-notification preference, and the dates your account was created and last updated. We do not ask for a credit card to start your 14-day free trial, so we hold no payment-card data in connection with the trial.

b) Usage data (how you use HiGEO)

We record how you interact with the product so we can operate and improve it: the projects you create, the questions you accept or edit, the scans you run, and basic technical information your browser sends (such as IP address and device or browser type) and our server logs. We keep you signed in using a token stored in your browser.

c) Project and scan data (including data about other brands)

When you add a project, you give us a website domain, and optionally the countries and languages you want to track. HiGEO then crawls that website (at least the homepage) to infer the brand name, a short description, and the topics it covers. To measure visibility, HiGEO sends questions to three AI engines (ChatGPT with browsing, Perplexity, and Google AI Overviews) and stores the answers those engines return, together with the sources they cite (the page URLs, domains, titles, and snippets). Some of this collected data is about brands other than yours: the competitors that AI engines recommend, and the public web pages and discussion threads those answers cite. This information comes from publicly available AI answers and publicly accessible web pages, not from any private source.

What we do not collect

We do not collect special-category data (such as health, race, or political views). We do not buy personal-data lists. We do not run third-party advertising or marketing trackers on this website. We do not require a credit card to begin a trial.

3. Why we use it, and our legal basis

Where we rely on legitimate interests, we have weighed our interest against your rights, and you can object. Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of what we did before you withdrew it.

4. Who we share it with

We do not sell your personal data. We share data only with the service providers we use to run HiGEO, each bound to protect it and to use it only on our instructions:

• Vercel for website and frontend hosting.
• Neon for our managed PostgreSQL database, where account, usage, and scan data is stored.
• SendGrid (Twilio) for sending transactional email (verification, password reset, scan-completion notices).
• The AI engine providers we query: OpenAI (ChatGPT), Perplexity, and the source we use for Google AI Overviews. We send the question text and the brand or topic context needed to run the scan; we do not send your account password or your other projects.

We may also disclose data if required by law, to enforce our Terms of service, or in connection with a sale or reorganization of the business, in which case we will tell you and this policy will continue to apply to your data.

5. International transfers

HiGEO is operated from the United Kingdom, and our providers may process data in the United States or other countries. Where we transfer personal data outside the UK or the EEA, we rely on appropriate safeguards, such as the UK International Data Transfer Agreement or Addendum and the EU Standard Contractual Clauses, and on adequacy decisions where they apply. You can ask us for more detail at privacy@higeo.ai.

6. How long we keep it

We keep account data for as long as your account is active, and for a reasonable period afterward to handle any follow-up, then we delete or anonymize it. We keep usage and server logs for a limited period for security and troubleshooting. We keep project and scan data while the related project exists in your account; when you delete a project or your account, we delete or anonymize the associated scan data within a reasonable period, subject to backups that age out on a normal cycle. We may keep limited records longer where the law requires it.

7. Cookies and similar technologies

HiGEO uses the minimum needed to run the service. We keep you signed in using an authentication token stored in your browser. We do not use third-party advertising cookies, and as of this version we do not run a third-party analytics or marketing tracker on this website, so there is no cookie-consent banner because there is nothing non-essential to consent to. If we add privacy-respecting, first-party analytics in future, we will update this policy and, where the law requires it, ask for your consent first.

8. How we protect it

Passwords are stored only as a securely hashed value (we cannot read them). Data in transit is encrypted over HTTPS. Access to the production systems is limited to people who need it to run the service. No system is perfectly secure, so we cannot promise absolute security, but we take reasonable measures to protect your data and we will tell affected users and the relevant regulator about a personal-data breach where the law requires it.

9. Your rights

Depending on where you live (and in particular under UK GDPR and EU GDPR), you have the right to access the personal data we hold about you, ask us to correct it, ask us to delete it, ask us to restrict or object to certain processing, withdraw consent you previously gave, and receive a copy of the data you gave us in a portable format. You can do most of this from your account settings, or by emailing privacy@higeo.ai, and we will respond within the time the law allows. If you are in the UK, you can also complain to the Information Commissioner's Office (ICO) at ico.org.uk. If you are in the EU or EEA, you can complain to your local data-protection authority.

If you are in California or another US state with privacy laws, you also have rights to know what we collect, to access and delete it, and not to be discriminated against for exercising them. We do not sell personal information. To exercise any right, email privacy@higeo.ai.

10. Brands named in scan data and public reports

HiGEO analyzes how AI engines talk about brands, and our public report directory shows reports for some recognizable brands using publicly available AI answers and public web pages. This data is about businesses in a business context, not about private individuals. If you represent a brand named in a public HiGEO report and you have a question or a request (for example, a correction or removal), contact us at legal@higeo.ai. Our approach to public reports is set out in our Terms of service.

11. Children

HiGEO is a business tool and is not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a child has given us personal data, contact us and we will delete it.

12. Changes to this policy

We may update this policy as the product or the law changes. When we make a material change, we will update the "Last updated" date at the top and, where appropriate, tell you by email or in the app. The current version always lives at higeo.ai/privacy.

13. Contact

Questions about this policy or your data: privacy@higeo.ai, or write to DT Global Ventures Ltd, 3rd Floor, 86-90 Paul Street, London, EC2A 4NE, United Kingdom. See also our Terms of service and our contact page.