Privacy Policy

Rare Entity Limited, 1 Warwick Street, London W1B 5LR. For any privacy matter, contact our data protection lead at privacy@rareinstinct.com.

Depending on how you use Rare Instinct, we may process:

• -Identity and contact data: name, email, phone, organisation and role.
• -Enquiry data: the content of messages you send us via the contact form, and the tier you are interested in.
• -Account data: sign-in identifiers and authentication metadata for client and team accounts.
• -Usage data: pages viewed, briefs read and actions taken within the platform, for security and to improve the service.
• -Technical data: IP address and user-agent, captured with form submissions for security and fraud prevention.

• -To respond to enquiries and provide the service you have asked for (performance of a contract; legitimate interests).
• -To operate, secure and improve the platform (legitimate interests).
• -To send service communications, and marketing only where you have consented (consent, which you may withdraw at any time).
• -To meet legal and regulatory obligations (legal obligation).

We do not sell your personal data, and we do not use it for automated decisions that produce legal effects about you.

We use carefully selected providers who process data on our instructions under data-processing terms: Supabase (database and authentication), Anthropic (AI processing of content you choose to generate), Resend (transactional email), Vercel (hosting), and Apify and named data sources for cultural intelligence. Each maintains its own safeguards. Where data is transferred outside the UK, we rely on appropriate safeguards such as the UK International Data Transfer Agreement or adequacy regulations.

We keep personal data only as long as necessary for the purposes above: enquiry data for up to 24 months after last contact, account data for the life of the account plus a short wind-down period, and audit and consent records for as long as needed to evidence compliance. We then delete or anonymise it.

Under UK data protection law you have the right to:

• -Access a copy of the personal data we hold about you.
• -Rectify inaccurate or incomplete data.
• -Erase your data (the right to be forgotten), subject to limited legal exceptions.
• -Restrict or object to certain processing, including direct marketing.
• -Data portability for data you provided to us.
• -Withdraw consent at any time where we rely on it.

To exercise any of these, email privacy@rareinstinct.com. We will verify your identity and respond within one month. We action access requests by compiling all records we hold for you, and erasure requests by anonymising your personal data across our systems.

We use strictly necessary cookies for sign-in and session management, and privacy-respecting analytics to understand aggregate usage. We do not use advertising cookies.

If you have a concern we have not resolved, you can contact the Information Commissioner's Office at ico.org.uk. We would, however, appreciate the chance to address it first.