Privacy Policy

This Privacy Policy explains how Aleo Labs (“Aleo Labs”, “we”, “us”, or “our”) collects, uses, and protects personal information when you visit aleolabs.io (the “Site”) or contact us through it. We have written it to be understandable and to align with global privacy laws, including the EU and UK General Data Protection Regulation (GDPR), and the California Consumer Privacy Act as amended (CCPA/CPRA).

We are committed to data minimization: we collect only what we need, and the Site sets no advertising or cross-site tracking cookies.

1. Who is responsible for your data

The entity responsible for the personal information processed through the Site is Aleo Labs Operations LLC (“Aleo Labs”), with a registered address at:

1604 Philadelphia Pike, Suite 302
Wilmington, DE 19809
United States

Aleo Labs Operations LLC — DUNS: 145037551. For any privacy question or request, contact us at the address in the “How to contact us” section below.

2. Information we collect

Information you give us

When you use our contact form, we collect the name, email address, and message you submit, so we can read and respond to your enquiry.

Information collected automatically

When you visit the Site, our hosting provider records standard technical log data such as your IP address, browser type and settings, referring pages, and the date and time of your request. This data is used to operate, secure, and troubleshoot the Site.

Aggregate analytics

We use Cloudflare Web Analytics to understand overall Site usage (for example, total page views, popular pages, referrers, and approximate country). This tool is privacy-focused: it does not use cookies, does not create a persistent identifier, and does not track you across other websites. It produces only aggregate statistics and cannot be used to identify you.

3. Cookies and similar technologies

The Site does not use advertising, marketing, or cross-site tracking cookies, and we do not build profiles of visitors. Because our analytics are cookieless, no consent banner is required for them. If we introduce non-essential cookies or trackers in the future, we will update this policy and, where the law requires it, request your consent first.

4. How we use your information

• To respond to enquiries and communicate with you.
• To operate, maintain, secure, and improve the Site.
• To understand aggregate usage of the Site.
• To comply with legal obligations and enforce our terms.

5. Legal bases for processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Consent — when you voluntarily submit a message through the contact form.
• Legitimate interests — to keep the Site secure and reliable and to measure aggregate usage, balanced against your rights.
• Legal obligation — where we must process data to comply with applicable law.

6. How we share information

We do not sell or rent your personal information, and we do not share it for cross-context behavioural advertising. We share information only with service providers who help us run the Site, under contracts that require them to protect it:

• Cloudflare, Inc. — website hosting, content delivery, security, cookieless analytics, and delivery of contact-form submissions to our inbox via Cloudflare Email Routing.

We may also disclose information if required by law, or to protect the rights, safety, and security of Aleo Labs, our users, or the public.

7. International data transfers

Our service providers may process data in countries other than your own, including the United States. Where personal data is transferred out of the EEA, the UK, or other regulated regions, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (and the UK equivalent), or other lawful transfer mechanisms.

8. Data retention

We keep contact-form messages only for as long as needed to handle your enquiry and for a reasonable period afterward for record-keeping, then delete or anonymise them. Hosting logs and aggregate analytics are retained for a limited period consistent with our providers’ standard practices.

9. Your privacy rights

Depending on where you live, you may have some or all of the following rights:

EEA / UK (GDPR)

• Access a copy of your personal data.
• Correct inaccurate or incomplete data.
• Erase your data (“right to be forgotten”).
• Restrict or object to certain processing.
• Data portability.
• Withdraw consent at any time, without affecting prior processing.
• Lodge a complaint with your local supervisory authority.

California (CCPA / CPRA)

• Know what personal information we collect and how it is used.
• Request deletion or correction of your personal information.
• Opt out of the “sale” or “sharing” of personal information — note that we do not sell or share personal information.
• Not be discriminated against for exercising your rights.

To exercise any of these rights, contact us using the details below. We will respond within the timeframes required by applicable law and may need to verify your identity first.

10. Data security

We use reasonable technical and organisational measures — including HTTPS encryption in transit and a strict content-security policy — to protect personal information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children’s privacy

The Site is not directed to children, and we do not knowingly collect personal information from children under the age of 16 (or the minimum age required by your local law). If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Third-party links

The Site may link to external websites we do not operate. We are not responsible for the privacy practices of those sites; we encourage you to review their policies.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above, and significant changes may be highlighted on the Site.

14. How to contact us

For any privacy question or to exercise your rights, email us at privacy@aleolabs.io. We aim to respond promptly and within the periods required by applicable law.