Privacy Policy

Leanr Ads Ltd

Last updated: 12 May 2026 | Version: 2.0

This privacy policy explains how Leanr Ads Ltd ("Leanr", "we", "us" or "our") collects, uses, stores and shares personal data when you visit our website, contact us, request a demo, use our services, or interact with us as a customer, supplier or business contact.

1. Important information and who we are

This privacy policy gives you information about how Leanr collects and uses personal data through leanrads.com and in connection with our platform, software, APIs, tools and managed services.

Our website and services are not intended for children, and we do not knowingly collect personal data relating to children.

Leanr Ads Ltd is the controller responsible for personal data collected through this website and for personal data we process for our own business purposes. Where we process personal data on behalf of a customer as part of our services, we may act as that customer's processor under the relevant contract or data processing terms.

2. Types of personal data we collect

Personal data means information about an individual from which that person can be identified. We may collect, use, store and transfer the following kinds of personal data:

Identity Data, such as first name, last name, job title, company, username or similar identifier.
Contact Data, such as business email address, postal address and telephone number.
Account and Profile Data, such as user account details, workspace settings, permissions, preferences and authentication-related information.
Commercial and Transaction Data, such as details of services purchased, subscriptions, invoices, payment status and related business records.
Technical Data, such as IP address, device identifiers, browser type and version, time zone setting and location, operating system, platform, and other technology on devices used to access our website or services.
Usage Data, such as information about how you interact with our website, products and services.
Marketing and Communications Data, such as your marketing preferences, communication preferences and records of correspondence with us.

We may also collect, use and share aggregated or anonymised data, such as statistical or demographic information. Aggregated or anonymised data is not personal data where it does not directly or indirectly identify you.

3. How we collect personal data

We use different methods to collect personal data from and about you, including:

Direct interactions. You may give us personal data when you fill in forms, request a demo, create an account, subscribe to updates, provide feedback, contact us, or otherwise correspond with us by email, phone, post or other channels.
Automated technologies or interactions. As you interact with our website and services, we may automatically collect Technical Data and Usage Data using cookies, analytics tools, server logs and similar technologies.
Third parties and publicly available sources. We may receive personal data from analytics providers, advertising networks, search information providers, payment and billing providers, customer systems, business partners, data providers, and public sources such as Companies House.

4. How we use personal data

Legal bases

UK data protection law requires us to have a legal basis for collecting and using personal data. We may rely on one or more of the following legal bases:

Performance of a contract, where we need to perform a contract we are about to enter into or have entered into with you or your organisation.
Legitimate interests, where processing is necessary for our business interests and those interests are not overridden by your rights and freedoms.
Legal obligation, where processing is necessary for compliance with a legal obligation that applies to us.
Consent, where we have obtained your active agreement for a specific purpose, such as certain marketing communications or non-essential cookies.

Purposes for which we use personal data

Purpose	Type of data	Legal basis
To respond to enquiries, demo requests and other communications.	Identity, Contact, Marketing and Communications.	Legitimate interests in responding to business enquiries and developing customer relationships.
To register and manage customer accounts, users, workspaces and service access.	Identity, Contact, Account and Profile, Technical.	Performance of a contract; legitimate interests in providing and administering our services.
To provide, operate, support and improve our website, platform, APIs, tools and managed services.	Identity, Contact, Account and Profile, Technical, Usage, Commercial and Transaction.	Performance of a contract; legitimate interests in running, securing and improving our business and services.
To process billing, payments, subscriptions, invoices and related commercial administration.	Identity, Contact, Commercial and Transaction.	Performance of a contract; legal obligation; legitimate interests in recovering debts and maintaining business records.
To administer and protect our business, website and services, including troubleshooting, testing, system maintenance, reporting, hosting, security monitoring and fraud prevention.	Identity, Contact, Technical, Usage, Account and Profile.	Legitimate interests in network security, service reliability, fraud prevention and business administration; legal obligation where applicable.
To understand website and service usage, measure performance, improve customer experience and develop our products and services.	Technical, Usage, Marketing and Communications.	Legitimate interests in improving our website and services; consent where required for non-essential cookies or analytics.
To support dynamic creative, ad delivery, ad measurement, contextual targeting, audience-based targeting and personalised advertising where configured by Leanr, our customers or our partners.	Identity, Contact, Account and Profile, Technical, Usage, Marketing and Communications, campaign data, consent signals and limited advertising identifiers.	Performance of a contract; legitimate interests in providing, measuring and improving advertising services; consent where required for cookies, similar technologies or personalised advertising.
To send relevant marketing communications, product updates and event invitations.	Identity, Contact, Technical, Usage, Marketing and Communications.	Legitimate interests in business-to-business marketing, or consent where required.
To comply with legal, regulatory, tax, accounting and reporting requirements, and to establish, exercise or defend legal claims.	Identity, Contact, Commercial and Transaction, Technical, Usage, Marketing and Communications.	Legal obligation; legitimate interests in legal compliance and protecting our rights.

5. Marketing and cookies

Direct marketing

We may use Identity, Contact, Technical, Usage and Marketing and Communications Data to form a view about services, updates or content that may be relevant to you. You may receive marketing from us if you have requested information from us, purchased or used our services, or otherwise provided your details to us and have not opted out of marketing.

We will get your express consent before we share personal data with any third party for that third party's own direct marketing purposes.

Opting out of marketing

You can ask us to stop sending marketing communications at any time by using the opt-out link in any marketing email or by contacting us at tom@leanrads.com. If you opt out of marketing, we may still send service-related communications that are necessary for administrative, contractual or customer service purposes.

Cookies

We use cookies and similar technologies to operate our website, remember your cookie choices and, where permitted, understand how visitors use our website. Our website uses Google Analytics only where analytics storage has been granted through the cookie banner.

More detail is available in our Cookie Policy.

You can control cookies through the cookie banner where shown and through your browser settings. If you decline optional cookies, some analytics and personalisation features may not operate.

Dynamic and personalised advertising

Leanr provides technology and services that may support dynamic creative, ad delivery, measurement, contextual targeting, audience-based targeting and personalised advertising. Depending on the configuration chosen by Leanr, our customers or our partners, this may involve processing limited identifiers, device and browser information, consent signals, ad request data, interaction events, audience segments, campaign data and performance data.

Where Leanr processes this data on behalf of a customer, the customer is responsible for ensuring that it has a lawful basis, provides appropriate transparency, and obtains consent where required. Where Leanr uses personal data for its own website marketing, analytics or advertising, we will do so only where we have a lawful basis and, where required, cookie or similar technology consent.

6. Disclosures of personal data

We may share personal data where necessary with:

service providers who support hosting, analytics, security, payments, communications, customer support, professional services and business administration;
customers, suppliers and business partners where necessary to provide our services or manage our commercial relationships;
professional advisers including lawyers, bankers, auditors and insurers;
HM Revenue & Customs, regulators, law enforcement bodies and other authorities where required by law; and
third parties in connection with a business sale, restructuring, investment, acquisition or similar transaction.

We require third-party service providers to respect the security of personal data and to treat it in accordance with the law. We do not allow service providers acting on our behalf to use personal data for their own purposes, and we only permit them to process it for specified purposes and in accordance with our instructions.

Leanr's current subprocessors for customer data are listed at legal/subprocessors.html.

7. International transfers

Some third-party service providers may be based outside the UK, which means personal data may be transferred to and processed outside the UK. For example, we may use providers such as Google Analytics and Amazon Web Services, which may process data in countries outside the UK depending on service configuration.

Whenever we transfer personal data outside the UK, we take steps designed to ensure a similar degree of protection is afforded to it, including by relying on adequacy regulations, the UK International Data Transfer Agreement, the UK addendum to the EU Standard Contractual Clauses, or other safeguards permitted by applicable law.

Please contact us if you would like further information about the transfer mechanisms used for a particular processing activity.

8. Data security

We have put in place appropriate technical and organisational security measures designed to prevent personal data from being accidentally lost, used, accessed, altered or disclosed in an unauthorised way. We also limit access to personal data to employees, contractors, agents and service providers who have a business need to know.

We have procedures to deal with suspected personal data breaches and will notify affected individuals and applicable regulators where we are legally required to do so. More information about our security practices is available at legal/security.html.

9. Data retention

We will retain personal data only for as long as reasonably necessary to fulfil the purposes we collected it for, including satisfying legal, regulatory, tax, accounting or reporting requirements. We may retain personal data for a longer period in the event of a complaint, dispute, investigation or if we reasonably believe there is a prospect of litigation.

To determine the appropriate retention period, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes of processing, whether those purposes can be achieved through other means, and applicable legal, regulatory, tax, accounting or other requirements.

By law, we may need to keep basic customer records, including Contact, Identity, Commercial and Transaction Data, for up to six years after the customer relationship ends for tax and accounting purposes. In some circumstances, we may anonymise personal data so that it can no longer be associated with you, in which case we may use that information indefinitely without further notice.

More information about typical retention periods for our platform and services is available at legal/data-retention.html.

10. Your legal rights

You have rights under data protection laws in relation to your personal data. Depending on the circumstances, you may have the right to:

request access to the personal data we hold about you;
request correction of incomplete or inaccurate personal data;
request erasure of your personal data in certain circumstances;
object to processing where we rely on legitimate interests, including profiling based on legitimate interests;
object at any time to processing of your personal data for direct marketing purposes;
request the transfer of your personal data to you or a third party;
withdraw consent at any time where we rely on consent; and
request restriction of processing in certain circumstances.

If you wish to exercise any of these rights, please contact us using the details below.

No fee usually required

You will not usually have to pay a fee to access your personal data or exercise your rights. We may charge a reasonable fee, or refuse to comply, if a request is clearly unfounded, repetitive or excessive.

What we may need from you

We may request specific information from you to help us confirm your identity and ensure that personal data is not disclosed to someone who has no right to receive it. We may also contact you for further information in relation to your request.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take longer if a request is particularly complex or you have made a number of requests, in which case we will notify you and keep you updated.

11. Contact details and complaints

If you have questions about this privacy policy, our use of personal data, or your privacy rights, please contact us:

Email: tom@leanrads.com
Postal address: 2 Knowleside Birchetts Avenue, Langton Green, Tunbridge Wells, England, TN3 0EJ

You have the right to make a complaint to the Information Commissioner's Office (ICO), the UK regulator for data protection issues, at www.ico.org.uk. We would appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first where possible.

12. Changes and third-party links

We keep this privacy policy under regular review. Historic versions can be obtained by contacting us. It is important that the personal data we hold about you is accurate and current, so please keep us informed if your personal data changes during your relationship with us.

Our website may include links to third-party websites, plug-ins and applications. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Contact: tom@leanrads.com
URL: https://leanrads.com/privacy-policy