Privacy Policy (GDPR)

Last updated: 2026-02-18

1. Who we are (Data Controller)

This website, landreader.ai (the “Website”), is operated by:

[Company legal name], [legal form], [NIPC/VAT]
Registered address: [Address]
Email: privacy@landreader.ai
(“LandReader”, “we”, “us”, “our”)

If you have questions about this policy or our data practices, contact us at privacy@landreader.ai.

2. Scope

This Privacy Policy explains how we collect and use personal data when you:

visit the Website,
submit a contact form,
request a scoping call / collaboration,
interact with us by email.

3. What data we collect

3.1 Data you provide

When you contact us or request a scoping call, we may collect:

name,
email address,
company / organization,
role / position (optional),
use case selection (e.g., mineral exploration / monitoring),
message content and attachments you send us.

3.2 Data collected automatically

When you browse the Website, we may collect:

IP address,
device/browser info,
pages viewed and time spent,
approximate location (derived from IP),
security/diagnostic logs.

This data is typically collected via server logs, security tools, and cookies (see Cookie Policy).

4. Why we process your data (purposes)

We process personal data to:

Respond to inquiries and schedule scoping calls
Assess collaboration requests (pilot, partnership, joint R&D)
Operate, secure, and improve the Website (fraud prevention, debugging, performance)
Comply with legal obligations (where applicable)
Send updates/marketing (only if you opt in)

5. Legal bases

Depending on the context, we rely on:

Legitimate interests: to run a secure website, respond to requests, and manage B2B relationships (balanced against your rights).
Pre-contractual steps / contract: when you ask us to scope work or prepare a proposal.
Consent: for non-essential cookies and (where applicable) marketing communications.
Legal obligation: where we must keep records for compliance.

6. Who we share data with (processors)

We may share data with trusted service providers who help us operate:

hosting / infrastructure providers,
email and calendar tools,
analytics providers (only if enabled and consented),
security/CDN providers (e.g., DDoS protection),
CRM tools (if used).

We require appropriate contractual safeguards with processors as required by GDPR.

7. International transfers

If any service provider processes data outside the EEA, we will use appropriate safeguards (e.g., adequacy decisions or Standard Contractual Clauses) as required by GDPR.

8. Data retention

We keep personal data only as long as necessary:

Contact/scoping requests: typically up to 24 months after last interaction (or earlier if no longer needed).
R&D collaboration discussions: for the duration of the collaboration plus up to 5 years for auditability (adjust to your reality).
Security logs: typically up to 12 months (or shorter if feasible).
Marketing (if opted in): until you unsubscribe or withdraw consent.

You can request deletion at any time (see Rights).

9. Your rights

Subject to conditions in GDPR, you have the right to:

access your data,
rectify inaccuracies,
erase data (“right to be forgotten”),
restrict processing,
data portability,
object to processing,
withdraw consent at any time (without affecting past processing).

To exercise rights, contact privacy@landreader.ai.

10. Complaints (Portugal)

You also have the right to lodge a complaint with the Portuguese supervisory authority, CNPD (Comissão Nacional de Proteção de Dados).

11. Security

We implement technical and organizational measures to protect personal data (access controls, encryption in transit, logging, least privilege). No system is 100% secure, but we work to reduce risk.

12. Children

The Website is not intended for children and we do not knowingly collect personal data from minors.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the new version on this page and update the “Last updated” date.