Legal

Privacy Policy

Last updated: June 2026

1. Introduction

Agenie Ltd ("Agenie," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our data infrastructure platform and services (the "Service"), including any free trial and our paid subscription plans.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Company Information

Data Controller:

AGENIE LTD
Company Number: 16174945
85 Great Portland Street, First Floor
London, England, W1W 7LT
Email: info@agenie.io

Where Agenie processes personal data on behalf of customers as a data processor, such processing is governed by the Agenie Data Processing Addendum ("DPA"), which forms part of the applicable customer agreement and includes appropriate safeguards for international data transfers, such as Standard Contractual Clauses and the UK International Data Transfer Addendum. The DPA is available upon request.

3. Information We Collect

3.1 Information You Provide

When you register for an account (including a free trial account), we collect:

• Name and contact information (email address, phone number)
• Company name and business information
• Billing and payment information (paid plans only)
• Account credentials

3.2 Data from Connected Platforms

When you connect third-party platforms or services to Agenie, we process data from those platforms in accordance with your instructions and the applicable connector configuration. Depending on the platforms you choose to connect, this may include:

• Ecommerce Platforms (e.g. Shopify and similar platforms): order data, customer data, product data, inventory data
• Analytics Platforms (e.g. Google Analytics): website traffic, user behaviour, and conversion data
• Advertising Platforms (e.g. Meta Ads): campaign performance, ad spend, and conversion data
• Marketing Automation Platforms (e.g. Klaviyo): email campaign data, subscriber information, and engagement metrics
• Other Connected Services: data types as described in the relevant connector documentation

The specific platforms connected and the data processed depend on the integrations enabled by the customer. We only access data necessary to provide the Service. You control which platforms to connect and can disconnect them at any time.

3.3 Usage Information

We automatically collect:

• Log data (IP address, browser type, pages visited)
• Device information (device type, operating system)
• Service usage data (features used, queries made, API calls)
• Cookies and similar tracking technologies

3.4 Communications

When you contact us, we collect information about your communications, including email content, support tickets, and feedback.

3.5 Marketing Consent Data

Where you provide your email address through a lead-capture form (such as a content download or newsletter signup) and consent to receive marketing communications from Agenie Ltd, we collect your email address and a record of your consent, including the date, source, and the specific consent language presented to you.

4. How We Use Your Information

We use the collected information to:

• Provide, operate, and maintain the Service (including any free trial)
• Process data from your connected platforms and create unified analytics
• Build and maintain your data warehouse and semantic layer
• Generate insights and metrics as requested
• Process payments and manage subscriptions (paid plans only)
• Respond to support requests and provide customer service
• Send service updates and administrative communications
• Send marketing communications where you have given consent
• Improve and optimise the Service
• Detect and prevent fraud and security threats
• Comply with legal obligations

4.1 Creating Aggregated and Anonymised Data

Industry Benchmarks and Insights

We may create aggregated, anonymised datasets from company performance data across our platform in order to:

• Provide industry benchmarking features within the Service
• Power predictive analytics and forecasting features
• Train machine learning models for recommendations and insights
• Develop new features and improve existing functionality
• Conduct research and publish industry reports
• Market our services with statistical insights

We will not sell, license, or commercially distribute Aggregated Data to third parties.

Anonymisation Process

We employ robust anonymisation techniques to ensure individual customers cannot be re-identified:

• Removal of all direct identifiers (company names, contact details, unique account identifiers)
• Statistical aggregation across a minimum cohort of twenty (20) customers
• Suppression of metrics where sample sizes are below the minimum cohort threshold
• Data perturbation and noise addition where appropriate
• Regular audits to verify anonymisation effectiveness

Once anonymised, this data is no longer considered Personal Data under UK GDPR or EU GDPR and is not subject to data retention limits or deletion requests.

Nature of Aggregated Data

Benchmarks and industry insights are derived from company-level performance metrics (for example, median conversion rates or average order values across a category). They are aggregated across a minimum cohort of twenty (20) companies and anonymised so that no individual company can be identified or its figures reverse-engineered.

Aggregated Data of this kind does not identify any natural person and does not constitute Personal Data under UK GDPR or EU GDPR. Insofar as the underlying company metrics are temporarily associated with a customer account during processing, we carry out that step on the basis of our legitimate interests (UK GDPR Article 6(1)(f)) in developing and improving the Service.

This processing is integral to the Service and is not subject to opt-out.

Transparency Commitment

We will never:

• Sell, license, or commercially distribute identifiable customer data or Aggregated Data to third parties
• Share individual customer metrics with competitors
• Use your company name in benchmarks without permission
• Re-identify anonymised data once aggregated

4.2 Beta and Early-Access Features

Where you use features designated as beta, early access, or experimental, we may collect additional usage data and feedback to evaluate and improve those features. Your underlying Customer Data (such as data from connected platforms) is unaffected by the status of any beta feature. However, derived outputs generated by a beta feature — such as predictions, custom calculations, or reports specific to that feature — may not be preserved or recoverable if the feature is modified or discontinued. See Section 3.1 of our Terms & Conditions for full beta feature terms.

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Contract Performance: Processing necessary to provide the Service, including maintaining your account, processing connected platform data, and creating benchmarks
• Legitimate Interests: Improving the Service, security, fraud prevention, and developing anonymised, aggregated industry insights and benchmarks, balanced against your privacy rights through the anonymisation safeguards described in Section 4.1
• Legal Obligation: Compliance with applicable laws
• Consent: Marketing communications sent to individuals who have opted in via lead-capture forms, newsletter signups, or similar consent mechanisms. You may withdraw consent at any time

Once anonymised, resulting Aggregated Data is no longer Personal Data and falls outside the scope of GDPR restrictions.

6. Data Sharing and Disclosure

6.1 We Do Not Sell Your Data

We do not sell, rent, trade, or commercially license your personal data, Customer Data, or Aggregated Data to third parties.

6.2 Service Providers

We share data with trusted service providers who assist us in operating the Service:

• Cloud hosting providers (for data storage and processing)
• Payment processors (for billing)
• Analytics services (to improve the Service)
• Customer support tools
• Marketing and lead-generation technology providers

These providers are contractually obligated to protect your data and may only use it to provide services to us.

6.3 Legal Requirements

We may disclose your data if required by law, court order, or government request, or to protect our rights, property, or safety.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you of any such change.

7. Data Security

We implement industry-standard security measures to protect your data:

• Encryption at rest and in transit (TLS/SSL)
• Access controls and authentication
• Regular security audits and penetration testing
• Employee training on data protection
• Secure data centres with physical security measures
• API key security and rate limiting

Whilst we strive to protect your data, no method of transmission over the internet is 100% secure. You are responsible for maintaining the security of your account credentials.

8. Data Retention

We retain your data as follows:

Account Data: Retained whilst your account is active, regardless of whether you are on a free trial or a paid plan.

Customer Data — Paid Plans: If you cancel, do not renew, or your paid subscription is terminated, your account is suspended. Your full Customer Data is retained for ninety (90) calendar days following suspension to allow you to reactivate by subscribing to a paid plan. After ninety (90) days, such data is permanently deleted from our systems, including backups.

Customer Data — Free Trials: Where a free trial is not converted to a paid plan, or where no data source is connected before the trial expires, the account and any associated Customer Data may be closed and permanently deleted. If you do not select a paid plan within ninety (90) calendar days after the trial expires, the account and all associated Customer Data may be permanently deleted.

Customer Data — Account Termination: If an account is terminated (by you or by us), Customer Data will be permanently deleted within thirty (30) calendar days.

Billing Records: Retained for seven (7) years for tax and legal compliance.

Backups: Retained for ninety (90) days.

Shopify Data: Notwithstanding any longer retention periods stated above, data sourced from Shopify will be deleted within thirty (30) days of application uninstallation, termination of the Service, or receipt of a valid deletion request, in accordance with Shopify's API License and Terms of Use.

After the applicable retention period, data is permanently deleted from our systems, including backups. Written confirmation of deletion is available upon request to info@agenie.io.

9. Your Rights (GDPR & UK Data Protection)

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete data
• Deletion: Request deletion of your data (subject to legal obligations and contractual retention periods)
• Portability: Receive your personal data in a machine-readable format, where technically feasible
• Restriction: Request limitation of data processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for marketing communications at any time
• Lodge a Complaint: File a complaint with the Information Commissioner's Office (ICO) or your local data protection authority

To exercise these rights, contact us at info@agenie.io. We will respond within thirty (30) days.

10. Data Transfers

Your data may be transferred to and processed in countries outside of the United Kingdom and the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and authentication
• Remember your preferences
• Analyse Service usage
• Improve user experience

With your consent, we and selected marketing technology partners may also use cookies and similar technologies to recognise your visit to our website and, where permitted by law, associate that activity with contact information such as an email address. This may enable us or service providers acting on our behalf to send relevant marketing communications.

You can control cookies through your browser settings. However, disabling certain cookies may limit functionality of the Service. You may opt out of receiving marketing communications at any time by using the unsubscribe link in any marketing email or by contacting us at info@agenie.io.

12. Third-Party Links

The Service may contain links to third-party websites (such as documentation for integrated platforms). We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it immediately.

14. Marketing Communications

We may send you marketing communications about our products and services where you have given consent (for example, by opting in through a lead-capture form, content download, or newsletter signup on our website).

Where you are an existing customer, we may also send marketing communications related to similar products and services under the "soft opt-in" provision of the Privacy and Electronic Communications Regulations (PECR), provided you are given a clear opportunity to opt out.

You can opt out at any time by clicking the unsubscribe link in any marketing email or by contacting us at info@agenie.io. We will not share your email address with third parties for their marketing purposes.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or Service announcement at least thirty (30) days before taking effect. Continued use of the Service after changes constitutes acceptance of the updated policy.

16. Data Protection Officer

For questions about data protection or to exercise your rights, contact our Data Protection Officer:

Email: info@agenie.io
Post: Data Protection Officer, AGENIE LTD, 85 Great Portland Street, First Floor, London, England, W1W 7LT

17. Contact Us

For questions about this Privacy Policy or our privacy practices:

Email: info@agenie.io
Post: AGENIE LTD, 85 Great Portland Street, First Floor, London, England, W1W 7LT

Addendum: Artificial Intelligence and Analytics Transparency

Automated Processing and Artificial Intelligence

We use automated and machine-learning systems to analyse data and generate insights as part of the Service.

Depending on the data source and applicable contractual restrictions, these systems may be trained or adapted using a customer's data either on a customer-specific basis or, where permitted, across customers.

Where data is obtained from platforms that restrict downstream artificial intelligence or machine-learning use, such data is not used to create shared or cross-customer learning effects.

Aggregated and Anonymised Analytics

We may aggregate and anonymise data to generate comparative analytics and benchmarking insights within the Service, where permitted by applicable law and the terms governing the relevant data source. These insights are used to help customers understand their own performance and do not identify any individual or customer. We will not sell, license, or commercially distribute Aggregated Data to third parties.

Data Retention — Platform Requirements

Where data is sourced from third-party platforms that impose specific retention requirements, those requirements override our standard retention periods. For example, data sourced from Shopify is deleted within thirty (30) days of app uninstallation or a valid deletion request.

By using our Service, you acknowledge that you have read and understood this Privacy Policy.