Privacy Policy

Effective Date: February 2, 2026

At izyt ("we," "our," or "us"), we value your privacy. This Privacy Policy explains how we collect, use, and share information when you use our Service.

1. Data Controller

The data controller responsible for your personal data is:

izyt Limited

[Registered Address]

United Kingdom

Email: jamieogundiran@izyt.io

2. Information We Collect

A. Information You Provide

  • Account Information: When you create an account, we collect your email address and any profile information you provide.
  • Search Queries: When you search for a product, we collect the text of your query.

B. Automatically Collected Information

  • Usage Data: We collect information about how you interact with our Service, including timestamps and technical identifiers.
  • Cookies: We use essential cookies to maintain your session and preferences. See our Cookie section below.

C. Information from Third Parties

Our Service aggregates publicly available information from third-party platforms to provide our analysis. This may include reviewer usernames, review content, ratings, and timestamps.

3. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Contract Performance: To provide you with our Service and fulfill our contractual obligations to you.
  • Legitimate Interests: To improve and develop our Service, ensure security, and prevent fraud. We balance these interests against your rights.
  • Consent: Where you have given explicit consent, such as for marketing communications. You may withdraw consent at any time.
  • Legal Obligation: To comply with applicable laws and regulations.

4. How We Use Your Information

We use the information we collect to:

  • Provide and operate our Service.
  • Process your searches and deliver results.
  • Maintain and improve our Service.
  • Communicate with you about your account or our Service.
  • Ensure the security and integrity of our platform.

5. How We Share Your Information

  • Service Providers: We share information with vendors who perform services on our behalf, such as email delivery and hosting.
  • Legal Requirements: We may disclose information if required by law or in response to valid requests by public authorities.
  • Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred.

We do not sell your personal data to third parties.

6. International Data Transfers

Some of our service providers are located outside the UK and European Economic Area. When we transfer your data internationally, we ensure appropriate safeguards are in place:

  • Email Services: We use Resend for email delivery, which may process data in the United States. Transfers are protected by Standard Contractual Clauses (SCCs) approved by the UK Government.
  • We only transfer data to countries with adequate protection or where appropriate safeguards exist.

7. Cookies

We use cookies and similar technologies on our Service:

  • Essential Cookies: Required for the Service to function, including authentication and session management. These cannot be disabled.

We do not use advertising or tracking cookies. You can manage cookie preferences through your browser settings.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data is retained while your account is active.
  • Search history is retained for up to 12 months.
  • We may retain certain data longer if required by law or for legitimate business purposes.

9. Third-Party Links and Services

The Service may contain links to third-party websites. This Privacy Policy does not apply to those websites, and we are not responsible for their privacy practices.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

11. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected data from a child, please contact us immediately.

12. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: Request limitation of how we use your data.
  • Right to Data Portability: Receive your data in a structured, commonly used format.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please submit a Data Subject Access Request (DSAR) by contacting us at the email address below. We will respond within one month.

Right to Complain

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ico.org.uk/make-a-complaint

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the effective date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Email: jamieogundiran@izyt.io

Subject Line: Privacy Inquiry or Data Subject Access Request

We aim to respond to all legitimate requests within one month. If your request is complex, we may extend this by a further two months, but we will notify you.