Privacy Policy

Last updated: 14 January 2026

Leanr Ads Ltd (“Leanr Ads”, “Leanr”, “we”, “us”, “our”) respects your privacy and is committed to protecting personal data in accordance with the UK GDPR, EU GDPR, and applicable data protection laws.

This Privacy Policy explains how we process personal data when you:

• visit our website (leanrads.com);
• contact us or engage with us commercially; or
• interact with advertising creatives delivered or measured using Leanr’s creative technology services.

This policy should be read alongside our Cookie Policy and any contractual documentation (e.g. Data Processing Addendum) agreed with clients.

1. Who we are

Leanr Ads Ltd
United Kingdom
Email: tom@leanrads.com
Website: https://www.leanrads.com

Controller and Processor roles

• Website, enquiries and business operations: Leanr Ads acts as a Data Controller.
• Creative delivery and advertising measurement services: Leanr Ads typically acts as a Data Processor on behalf of its client (the client is the Data Controller).
• Specific roles and responsibilities are documented in our contracts and Data Processing Addendum (DPA).

2. Personal data we process

2.1 Website and enquiries

• Name
• Work email address
• Company name
• Message content
• Basic technical data (e.g. IP address, timestamps, user agent)

2.2 Client and commercial data

• Business contact details
• Contractual and billing information
• Service communications and support requests

2.3 Creative delivery and measurement data (ad-serving context)

When Leanr’s creative server is used to render or measure advertising creatives, we may process limited technical and event-level data. We design the service to minimise personal data and avoid direct identification of individuals.

A. Event and request data

• Creative, campaign, placement or line-item identifiers (non-personal)
• Event type (e.g. impression, click, interaction where enabled)
• Timestamps and basic delivery metadata
• Error, retry or debug indicators

B. Device and network data

• IP address (used for security, fraud prevention and coarse location only; truncated or anonymised where feasible)
• User agent (browser and operating system information)
• Limited technical headers required for delivery

C. Consent and privacy signals

• IAB TCF Transparency & Consent String (TC string)
• GDPR applicability flag (e.g. gdpr=1)
• Other regional privacy signals where supported (e.g. GPP sections)

D. What we do not intentionally collect

• Names, personal email addresses or phone numbers from ad impressions
• Precise geolocation data
• Special category data
• Behavioural or cross-site user profiles

3. How we use personal data

3.1 Website and business operations

• Operating and securing our website
• Responding to enquiries
• Managing client relationships and contracts
• Providing customer support

3.2 Creative delivery and measurement services

• Rendering and delivering advertising creatives
• Counting impressions, clicks and basic interactions
• De-duplicating events and handling retries
• Fraud detection, security and error prevention
• Operational reporting and service reliability analysis
• Applying consent and privacy signals where required

4. Legal bases for processing

• Consent — where required for device storage or analytics
• Contract — to deliver services to clients
• Legitimate interests — security, fraud prevention, debugging and service integrity
• Legal obligation — compliance with applicable laws and regulatory requests

5. IAB TCF and advertising privacy

Leanr Ads supports the IAB Europe Transparency & Consent Framework (TCF). Where a TCF-compliant Consent Management Platform (CMP) is in place, consent and legitimate interest signals may be passed to Leanr via the TC string.

In advertising contexts, the Data Controller (typically the publisher, advertiser or platform) determines which purposes and legal bases apply. Leanr processes data strictly in accordance with the controller’s instructions and applicable contracts.

If required consent is missing or invalid, our systems may limit processing to what is strictly necessary for delivery, security or error prevention.

6. Cookies and similar technologies

Leanr uses cookies and similar technologies only where necessary and as described in our Cookie Policy. Cookies are not required for core creative delivery and are treated as optional, best-effort mechanisms.

7. Data sharing

We may share personal data with:

• Infrastructure and hosting providers
• Security, monitoring and analytics service providers
• Professional advisers (legal, accounting)
• Clients, where required to deliver contracted services
• Authorities, where legally required

8. International transfers

Where personal data is transferred outside the UK or EEA, appropriate safeguards are used, such as adequacy decisions or Standard Contractual Clauses.

9. Data retention

We retain personal data only for as long as necessary for the purposes described above. Typical retention periods include:

• Website enquiries: up to 12 months
• Client and contractual records: contract term plus legal requirements
• Creative server event and security logs: short-lived where feasible, typically days or weeks, and no longer than necessary for measurement, security or audit purposes

10. Your rights

Where Leanr Ads acts as a Data Controller, you may have the right to access, rectify, erase, restrict or object to processing, and to withdraw consent where applicable.

To exercise your rights, contact tom@leanrads.com. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

Processor note: Where Leanr acts as a Data Processor, rights requests should be directed to the relevant Data Controller. We will assist controllers as required under our contracts.

11. Security

We implement appropriate technical and organisational measures to protect personal data, including access controls, secure infrastructure, monitoring, and least-privilege practices.

12. Children

Our services are not directed at children and we do not knowingly process personal data relating to individuals under 16.

13. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date.

14. Contact

For privacy-related questions or requests:
Email: tom@leanrads.com