Intriq AI
Legal

Privacy Policy

Effective: January 01, 2025Last Updated: June 01, 2026Version 1.3
1.

Who We Are

This Privacy Policy applies to the website operated by:

Intriq AI Inc.

251 Little Falls Drive, Wilmington, DE 19808, United States

Our primary legal entity and US parent company, incorporated in Delaware, USA.

Transformation Diagnostics AI Limited, trading as Intriq.AI

Company No.: 15358901

20 Wenlock Road, London, N1 7GU, United Kingdom

Our UK operating subsidiary.

For the purposes of applicable US state privacy laws, the UK General Data Protection Regulation ("UK GDPR"), and the Data Protection Act 2018, we act as a Data Controller in relation to personal data collected via this website.

Data Protection Officer (DPO):

dpo@intriq.ai · gdpr@intriq.ai

2.

Scope of This Policy

This Policy explains how we collect, use, and protect personal data when you:

  • Visit or browse our website
  • Submit a contact form or enquiry
  • Sign up for newsletters, updates, or events
  • Request a demo, trial, or further information
  • Interact with us via email or social media linked from the website

This Policy does not cover data processed inside the Intriq SaaS platform, which is governed by separate contractual and privacy terms.

3.

Personal Data We Collect

We may collect the following categories of personal data:

Identity & Contact Data

Name, email address, company name, job title, phone number

Communication Data

Messages sent via contact forms, email correspondence, support or sales enquiries

Marketing Data

Newsletter subscriptions, event registrations, communication preferences

Technical & Usage Data

IP address, browser type, device information, pages visited, referral source, cookie identifiers

We do not intentionally collect special-category data (such as health or biometric data) via the website.

4.

How We Collect Your Data

  • Directly from you – when you fill in forms or contact us
  • Automatically – through cookies, analytics tools, and server logs
  • Third parties – marketing or analytics providers (where permitted)
5.

Legal Bases for Processing

We process personal data under the following legal bases:

  • US State Privacy Laws (CCPA/CPRA): We process data for legitimate business purposes, to fulfill your requests, and with your consent where required by applicable state law.
  • UK/EU GDPR — Contractual steps (Art. 6(1)(b)): responding to demo or service enquiries
  • UK/EU GDPR — Legitimate interests (Art. 6(1)(f)): operating, securing, and improving the website
  • UK/EU GDPR — Consent (Art. 6(1)(a)): marketing communications and non-essential cookies
  • UK/EU GDPR — Legal obligation (Art. 6(1)(c)): where required by law

You may withdraw consent at any time.

6.

How We Use Your Data

We use website-collected data to:

  • Respond to enquiries and requests
  • Provide information about our products and services
  • Improve website performance and usability
  • Send newsletters or updates (where you opt-in)
  • Monitor security and prevent misuse

We do not sell personal data.

7.

Cookies & Analytics

We use cookies and similar technologies for:

  • Essential site functionality
  • Analytics and performance measurement
  • Marketing (where consent is given)

Full details are available in our Cookie Policy, accessible via the website footer.

8.

Data Retention

We retain personal data only as long as necessary:

Contact enquiries

Up to 24 months

Marketing subscriptions

Until you unsubscribe

Website logs & analytics

Up to 12 months

Data is securely deleted or anonymised when no longer required.

9.

Data Security

We implement appropriate technical and organizational measures, including:

  • HTTPS / TLS 1.3 encryption in transit; AES-256 encryption at rest
  • Access controls and least-privilege principles
  • Secure hosting on ISO 27001:2022 certified infrastructure (certified May 2026)
  • SOC 2 Type II examined platform (completed May 2026)
  • Regular monitoring, logging, and annual independent penetration testing
10.

Sharing & Disclosure

We may share personal data only:

  • Within the Intriq AI group (US and UK entities), under a binding intra-group data transfer agreement
  • With trusted service providers acting under contract
  • Where required by law or regulatory authorities
  • In connection with a corporate transaction (with safeguards)

We do not permit third parties to use your data for their own marketing purposes.

11.

International Transfers

Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards, such as:

  • UK IDTA / EU Standard Contractual Clauses
  • Adequacy decisions (where applicable)
  • Intra-group transfers to Intriq AI Inc. (US) are governed by a binding data transfer agreement
12.

US Privacy Rights

If you are a resident of California or another US state with applicable privacy laws, you may have the following rights:

Right to Know: Request disclosure of the specific pieces and categories of personal information we have collected about you.
Right to Delete: Request the deletion of your personal information, subject to certain exceptions.
Right to Opt-Out: Opt-out of the sale or sharing of your personal information. Note: Intriq AI does not sell your personal information.
Right to Non-Discrimination: Receive equal service and price even if you exercise your privacy rights.

To exercise these rights, contact us at privacy@intriq.ai.

13.

International Data Protection Rights (UK/EU)

If you are located in the UK or EEA, you have the right to:

Access your personal data
Rectify inaccurate data
Request erasure
Restrict or object to processing
Withdraw consent
Lodge a complaint with the UK ICO or your applicable supervisory authority

Requests can be made to dpo@intriq.ai or gdpr@intriq.ai. We respond within one month.

14.

Children's Privacy

Our website is not intended for individuals under 18.

While UK GDPR sets the age of consent at 13, we apply a higher standard of 18 given the professional B2B nature of our services. We do not knowingly collect personal data from minors.

15.

Changes to This Policy

We may update this Policy from time to time.

Material changes will be clearly communicated, and the "Last Updated" date will be revised.

Related Policies: For SaaS platform privacy practices (authenticated users), see app.intriq.ai/privacy.

16.

Contact

For questions or concerns about this Privacy Policy:

Intriq AI Inc.

Data Protection Officer, 251 Little Falls Drive, Wilmington, DE 19808, United States

Transformation Diagnostics AI Limited (Intriq.AI)

20 Wenlock Road, London, N1 7GU, United Kingdom

17.

Version History

VersionDateChanges
v1.02026-02-01Initial version
v1.12026-05-15Security section updated; rights contact corrected; US entity added
v1.32026-06-01American English; US-first framing; added US Privacy Rights section; updated certification dates

© 2026 Intriq AI. All rights reserved.