Legal

Privacy Policy

Effective date: April 10, 2026

This Privacy Policy explains how VIRAL insider (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit viralinsider.marketing (the “Site”) or interact with our services. We comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”) and the UK GDPR.

1. Data Controller

VIRAL insider is the “data controller” for the personal data described in this policy. You can reach us at ask@viralinsider.co for any privacy-related questions or requests.

2. What Data We Collect

We collect only the minimum data necessary to run our website and respond to your inquiries.

Data you provide voluntarily

  • Contact information — name, email address, and any message you send us via email or when booking a consultation through Calendly.
  • Company information — brand name, website, and business details you choose to share during a discovery call.

Data collected automatically

  • Analytics data — anonymised visit statistics (pages viewed, referrer, approximate location, device type) collected through Vercel Analytics and Vercel Speed Insights.
  • Server logs — IP address, browser user agent, and request timestamps kept for up to 30 days for security and abuse prevention.

3. How We Use Your Data

  • To respond to inquiries and fulfil service requests.
  • To schedule and conduct consultation calls.
  • To provide, maintain, and improve the Site.
  • To analyse aggregated traffic patterns and optimise content.
  • To comply with legal obligations and enforce our terms.

4. Legal Basis (GDPR Article 6)

  • Consent — when you voluntarily submit contact information or book a consultation.
  • Legitimate interest — to operate and secure the Site, measure performance, and prevent abuse. You can object to processing based on legitimate interest at any time.
  • Legal obligation — when we are required to retain or disclose data by applicable law.

5. Cookies and Similar Technologies

We use a minimal set of cookies and local storage items necessary for the Site to function (strictly necessary cookies) and for privacy-friendly analytics provided by Vercel. We do not use third-party advertising cookies or cross-site tracking pixels.

You can disable cookies in your browser settings at any time. Disabling strictly necessary cookies may affect Site functionality.

6. Third-Party Processors

We share data only with service providers who help us operate the Site, under data processing agreements that meet GDPR requirements:

  • Vercel Inc. — hosting, analytics, and speed insights (United States, covered by the EU–US Data Privacy Framework).
  • Calendly LLC — consultation scheduling (United States, covered by Standard Contractual Clauses).
  • LinkedIn Corporation — if you contact us via our company LinkedIn page.

7. International Data Transfers

Some of our processors are located outside the European Economic Area. When transferring personal data internationally, we rely on adequacy decisions, the EU–US Data Privacy Framework, or Standard Contractual Clauses approved by the European Commission to ensure an adequate level of protection.

8. Data Retention

  • Inquiries and email correspondence — retained for up to 24 months from the last interaction, then deleted or anonymised.
  • Analytics data — retained in aggregated, anonymised form for up to 25 months.
  • Server logs — retained for up to 30 days.

9. Your Rights Under GDPR

If you are located in the EU, UK, or EEA, you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”) — request deletion of your data.
  • Right to restrict processing — limit how we process your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on legitimate interest.
  • Right to withdraw consent — where processing is based on consent, withdraw it at any time.
  • Right to lodge a complaint with your local data protection authority.

To exercise any of these rights, email us at ask@viralinsider.co. We will respond within 30 days.

10. Data Security

We use industry-standard technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. All traffic to the Site is encrypted with HTTPS.

11. Children’s Privacy

The Site is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available at viralinsider.marketing/privacy with an updated “Effective date” at the top. Material changes will be highlighted.

13. Contact

Questions about this policy or your personal data? Email us at ask@viralinsider.co.