Back

Privacy Policy

Peripheral Insights LTD

Effective Date: 2026/05/05 ยท Last Updated: 2026/05/05

1. Introduction

Peripheral Insights LTD ("Peripheral Insights", "we", "us", or "our") operates an AI-powered research and analysis platform for institutional investors. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with our platform, website (https://peripheral-insights.com), and related services (collectively, the "Service").

This policy applies to all users of our Service, including individuals who register for an account, interact with our platform, visit our website, or communicate with us. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

Peripheral Insights is incorporated in England and Wales. For the purposes of applicable data protection legislation, Peripheral Insights LTD is the data controller.

2. Information We Collect

2.1 Account and Registration Data

When you create an account or engage with our Service, we collect information you provide directly, including your name, email address, job title, organisation name, and billing information.

2.2 Platform Usage Data

When you use the Service, we collect data about your interactions with the platform, including:

  • Inputs you submit, such as queries, instructions, company identifiers, and research preferences
  • Any documents or materials you choose to upload
  • Outputs generated through the platform
  • Features you access and actions you take within your account

2.3 Technical and Automatically Collected Data

We automatically collect certain information when you access the Service, including IP address, browser type and version, device identifiers, operating system, referring URLs, pages viewed, timestamps, and session duration. We collect this data through cookies, server logs, and similar technologies as described in Section 10.

2.4 Communications Data

When you contact us directly (for example, via email or through a support channel), we collect the content of your communications and any information you choose to provide.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: Processing your inputs and delivering platform functionality, including any outputs generated through the Service.
  • Account management: Creating and maintaining your account, processing payments, and communicating with you about your subscription.
  • Platform improvement: Analysing usage patterns and system performance to improve the accuracy, reliability, and functionality of our Service.
  • Security and integrity: Detecting, preventing, and responding to fraud, abuse, security incidents, and technical issues.
  • Legal compliance: Meeting our legal and regulatory obligations, including responding to lawful requests from public authorities.
  • Communications: Sending you service-related notices, updates, and, where you have opted in, marketing communications.

4. AI Processing and Automated Analysis

Our Service uses artificial intelligence and machine learning models to process information and generate outputs. This section explains how your data is handled in that context.

4.1 Processing of User Inputs

When you use the Service, your inputs (including queries, preferences, and any materials you upload) are processed by our AI models solely to generate the outputs you have requested and to deliver the functionality of the Service.

4.2 No Model Training on User Data

We do not use your inputs, queries, uploaded documents, or any other user-submitted data to train, fine-tune, or otherwise improve our underlying AI models. Your data is used exclusively to generate the outputs you have requested.

4.3 User-Uploaded Materials

Where you choose to upload proprietary documents or data, this material is processed solely for the purpose of producing your requested output. We do not independently access, retain, or repurpose uploaded materials beyond what is necessary to fulfil your request, subject to the retention periods described in Section 8.

4.4 Publicly Available Information About Individuals

Our outputs may reference publicly available information about individuals, such as names, roles, and professional backgrounds, where relevant. We process this information on the basis of our legitimate interest in providing research and analysis services (see Section 5). We do not maintain proprietary databases of personal information about such individuals.

4.5 Automated Decision-Making

Our Service produces AI-generated research and analysis intended to inform your own decision-making. The platform does not make automated decisions that produce legal effects or similarly significant effects on any individual. Outputs are provided as informational content for professional review, not as determinative assessments.

5. Legal Bases for Processing (UK GDPR / EU GDPR)

Where UK or EU data protection law applies, we rely on the following legal bases for processing your personal data:

  • Contract performance: Processing your account data and platform inputs is necessary for the performance of our contract with you (i.e., delivering the Service you have subscribed to).
  • Legitimate interests: We process technical and usage data for platform security, fraud prevention, service improvement, and business analytics, where these interests are not overridden by your rights. We also process publicly available information about individuals on the basis of our legitimate interest in providing research and analysis services.
  • Legal obligation: We may process personal data where necessary to comply with applicable laws, regulations, or legal proceedings.
  • Consent: Where we rely on consent (for example, for marketing communications or non-essential cookies), you may withdraw consent at any time by contacting us or using the mechanisms provided.

6. Data Sharing and Third Parties

We share personal data only in the following circumstances and with the following categories of recipients.

6.1 Service Providers

We engage third-party service providers who process data on our behalf to deliver the Service. These providers are contractually bound to process personal data only as instructed by us, to maintain appropriate security measures, and not to use data for their own purposes. This includes cloud infrastructure and hosting providers, payment processors, authentication services, analytics tools, and AI model providers used to generate platform outputs.

Where data is processed by AI model providers, our agreements with those providers prohibit the use of inputs or outputs for model training.

6.2 Legal and Regulatory Disclosures

We may disclose personal data where required by law, regulation, legal process, or governmental request, or where we reasonably believe disclosure is necessary to protect our rights, your safety, or the safety of others.

6.3 Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of assets, personal data may be transferred to the successor entity. We will provide notice before personal data becomes subject to a different privacy policy.

6.4 No Sale of Personal Data

We do not sell personal data. We do not share personal data with third parties for their own direct marketing purposes.

7. International Data Transfers

Some of the third-party service providers we use are based outside the United Kingdom and the European Economic Area. Where personal data is transferred internationally, we ensure that appropriate safeguards are in place as required by applicable data protection law. In practice, this means our agreements with these providers incorporate Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms approved by the relevant authorities.

You may request further details about the safeguards in place by contacting us using the details in Section 13.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

  • Account and platform data: Retained for the duration of your active subscription. Following account closure, this data is deleted within 90 days.
  • Technical and log data: Retained for up to 12 months for security, performance monitoring, and debugging purposes.
  • Billing records: Retained as required by applicable tax and accounting regulations.

When data is no longer required, it is securely deleted or anonymised in accordance with our data management procedures.

9. Data Security

We implement technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls and authentication requirements, regular security assessments, and incident response procedures.

Enterprise customers requiring a Data Processing Addendum (DPA) may request one by contacting us at the address provided in Section 13.

No method of transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

We use cookies and similar technologies on our website and platform. These fall into the following categories:

  • Strictly necessary cookies: Required for the operation of the Service, including session management and authentication. These cannot be disabled.
  • Analytics cookies: Used to understand how users interact with our platform, helping us improve performance and usability. We use these only with your consent where required by law.

You may configure your browser to block or delete cookies, though this may affect the functionality of the Service.

11. Your Rights

11.1 Rights Under UK and EU Data Protection Law

If you are located in the United Kingdom or the European Economic Area, you have the following rights in relation to your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete personal data.
  • Erasure: Request deletion of your personal data, subject to our legal retention obligations.
  • Restriction: Request that we restrict processing of your personal data in certain circumstances.
  • Portability: Request a machine-readable copy of personal data you have provided to us.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, contact us using the details in Section 13. We will respond within one month, or inform you if an extension is required. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) or your local supervisory authority.

11.2 Rights Under California Law (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect and how we use it, request deletion of your personal information, and opt out of the sale or sharing of personal information. We do not sell or share personal information as defined under the CCPA/CPRA. To submit a request, contact us at the details provided in Section 13.

12. Children's Privacy

The Service is designed for professional and institutional use and is not directed at individuals under the age of 18. We do not knowingly collect personal data from anyone under 18.

13. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or have a complaint about how we handle your personal data, please contact us at:

Peripheral Insights LTD
London, United Kingdom
Email: contact@peripheral-insights.com

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at https://ico.org.uk or, if applicable, your local data protection authority.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. Where changes are material, we will provide notice through the Service or by email before the changes take effect. The "Last Updated" date at the top of this policy indicates when it was most recently revised.