Privacy Policy

Last updated: June 2026

1. Data Controller

The data controller for personal data collected through this website is DealSurgery AI. For any privacy-related enquiries or to exercise your rights, contact us via the contact form on this website.

2. Data We Collect

We collect the following personal data when you submit a contact form, free scan request, or checkout form:

  • Full name
  • Work email address
  • Company name
  • Job title (where provided)
  • Your sales challenge or message (free-text, where provided)

We do not collect payment card data directly. Payments are processed by Stripe (see Section 5).

3. Legal Basis for Processing

  • Legitimate interest (Article 6(1)(f) GDPR) — We process B2B professional contact data to follow up on enquiries and provide the services you have requested.
  • Contract performance (Article 6(1)(b) GDPR) — When you purchase a service, we process your data to deliver the agreed deliverables.
  • Consent (Article 6(1)(a) GDPR) — Where you explicitly opt in to marketing communications.

4. Data Retention

We retain personal data for a maximum of 12 months from the date of collection, or until you request deletion — whichever comes first. After that period, data is permanently deleted from our systems.

5. Third-Party Services

  • Stripe— Payment processing. When you purchase a plan, you are redirected to Stripe's hosted checkout. Stripe processes your payment card data under their own privacy policy. We receive a transaction confirmation and a reference ID only.
  • PostHog — Product analytics. We use PostHog to collect anonymized pageview data, click events, and Core Web Vitals. No personally identifiable information is sent to PostHog. IP addresses are anonymized.

6. Article 14 Notice — Unsolicited B2B Outreach

If you received an email from us that you did not initiate, your professional contact details (name, job title, work email) were sourced from publicly available professional directories. This processing is conducted under our legitimate interest in B2B business development.

You may opt out at any time by replying with “unsubscribe” to any email you receive from us. We will remove your details from our systems within 5 business days and will not contact you again.

7. Your Rights Under GDPR

If you are in the European Economic Area, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data
  • Objection — object to processing based on legitimate interest
  • Portability — request your data in a machine-readable format

To exercise any of these rights, please use the contact form. We will respond within 30 days.

8. Cookies

This site uses functional cookies required for the analytics script (PostHog) to track sessions. No advertising or tracking cookies are used. By using this site you consent to these functional cookies.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be reflected in the “Last updated” date above. Continued use of this site after a change constitutes acceptance of the updated policy.