Privacy Policy

Linkki Privacy Policy

 

Effective date: 25 September 2025
Last updated: 25 September 2025

 

Linkki (“Linkki”, “we”, “our”, or “us”) provides an AI-assisted brand strategy platform that helps teams maintain consistent, on-brand content. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites (including any domain operated by Linkki, the “Site”), use our products and services (the “Services”), or otherwise interact with us.

By using the Site or Services, you consent to this Privacy Policy.

Regional focus: Linkki primarily serves customers in Australia and New Zealand and processes data in accordance with the Privacy Act 1988 (Cth) (Australia) and the Privacy Act 2020 (New Zealand). If you are located in the EEA/UK, we also describe rights and legal bases under the GDPR/UK GDPR below.

 

 

1) Who we are & how to contact us

Linkki

Email: hello@linkki.ai
Postal address: 105 Karangahape Road, Auckland Central, Auckland 1010

If you are in the EEA/UK and wish to contact our EU/UK representative or Data Protection Officer (if appointed), email hello@linkki.ai and include “GDPR” in the subject.

 

 

2) What this policy covers

  • Visitors to our Site
  • Users of our Services (free trials and paid plans)
  • Prospective customers, partners, and job applicants who interact with us

This policy does not apply to content you upload to third-party tools (e.g., your CRM, ad platforms) outside Linkki’s control. Their privacy policies apply.

 

 

3) Key definitions

  • Customer Content: Brand assets, guidelines, prompts, messages, documents, and outputs you or your team upload or generate within the Services. May include personal information if you choose to include it.
  • Account Data: Registration and billing information (e.g., name, email, company, role, payment details).
  • Usage Data: Technical data about how you access and use the Site/Services (device, browser, IP, pages viewed, features used, diagnostics).
  • Sub-processors: Third-party vendors we use to help deliver the Services (hosting, analytics, payments, support).
 

4) Information we collect

Information you provide

  • Contact and account details (name, email, company, role, password).
  • Customer Content (brand guidelines, sample content, prompts, outputs, feedback).
  • Billing information (payment method, transaction details) processed by our payment provider.
  • Communications (support requests, survey responses, testimonials).

Information collected automatically

  • Usage Data (IP address, device identifiers, browser type/version, pages visited, time on page, referrer).
  • Cookies and similar technologies (see Cookies below).

Information from third parties

  • Integrations you connect (e.g., storage, chat platforms) to enrich your brand profile.
  • Public sources or service providers (e.g., firmographic info to help set up your account).

We do not intentionally collect sensitive information unless you provide it (please avoid uploading it). We do not knowingly collect data from children under 16.

 

 

5) How we use your information (purposes)

We use personal information to:

  1. Provide and improve the Services (authenticate users, host content, generate AI outputs, personalize features, operate integrations, troubleshoot).
  2. Power brand consistency & AI features (apply your brand rules to AI outputs; evaluate and refine outputs for quality and safety).
  3. Communicate with you (service messages, onboarding, product updates, security alerts).
  4. Billing & account administration (process payments, handle renewals, invoices).
  5. Security & fraud prevention (detect, prevent, and respond to security incidents or misuse).
  6. Analytics & product development (aggregate/ de-identified insights to improve performance and features).
  7. Marketing (optional) (newsletters, webinars, promotions) — you can opt out anytime.
  8. Legal compliance (tax, accounting, responding to lawful requests).

We do not sell personal or business information. We do not use Customer Content for advertising.

 

 

6) AI processing & model providers

Linkki is AI-agnostic. To deliver the Services, we may route prompts and context (derived from your brand settings and Customer Content) to one or more AI model providers or run models we host.

  • Data minimisation. We send only the data necessary to generate the requested output.
  • Training & retention. We do not permit model providers to use Customer Content to train their models where we can control this setting. We do not use your Customer Content to train models for other customers.
  • Human review. Limited, role-based staff access may occur to investigate abuse, resolve a support ticket, or improve safety systems—always under confidentiality obligations.
  • Configurable retention. We retain prompts/outputs to provide the Services and audit safety. Admins can request deletion (see Your rights & Retention).

A current list of core sub-processors/model providers is available on request at hello@linkki.ai.

 

 

7) Legal bases (EEA/UK)

Where GDPR/UK GDPR applies, we process personal data on these bases:

  • Contract (to deliver the Services you requested).
  • Legitimate interests (to secure, improve, and market our Services in ways you’d reasonably expect and that do not override your rights).
  • Consent (for certain cookies/marketing; you can withdraw at any time).
  • Legal obligation (to comply with applicable laws).
 
 

8) Cookies & tracking

We use cookies and similar technologies to:

  • keep you logged in and remember preferences (strictly necessary),
  • measure Site performance (analytics), and
  • support marketing (only with consent where required).

You can control cookies via our cookie banner, browser settings, or system-level preferences. Blocking some cookies may limit functionality.

 

9) How we share information

We share personal information only with:

  • Sub-processors who help us deliver the Services (hosting, AI inference, analytics, email, payments, support). They act under written contracts, follow security standards, and process data solely per our instructions.
  • Professional advisors (lawyers, auditors) under confidentiality.
  • Authorities when required to comply with law, legal process, or enforce our agreements.
  • Business transfers (merger, acquisition). We’ll notify you and continue protecting your information.

We do not share Customer Content with third parties for their independent marketing.

 

 

10) International transfers & data residency

Our primary infrastructure is hosted in Australia/New Zealand (with backups and disaster recovery as appropriate). If we transfer personal information outside your country (e.g., to vetted sub-processors), we use lawful transfer mechanisms such as Standard Contractual Clauses (EEA/UK) and require equivalent safeguards.

 

 

11) Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including:

  • encryption in transit and at rest;
  • least-privilege, role-based access;
  • audit logging and monitoring;
  • vulnerability management and regular backups.

No method of transmission or storage is 100% secure. If we learn of a breach affecting your personal information, we will notify you and regulators as required.

 

 

12) Data retention

  • Account Data: kept for the life of the account and as needed for legal obligations (e.g., tax/audit).
  • Customer Content: retained while you use the Services and deleted per your admin request or within the last day of current month after account closure, subject to legal retention needs and backup cycles.
  • Usage/analytics data: retained in aggregate or de-identified form for trend analysis.
  • Support records: retained for indefinitely unless you request deletion where feasible.
 
 

13) Your rights

Australia & New Zealand: You may access and correct personal information we hold about you, and complain if you believe we’ve breached privacy laws.

EEA/UK (GDPR): You may request access, rectification, erasure, restriction, portability, and objection to certain processing; and withdraw consent where applicable.

To exercise rights, email hello@linkki.ai. We may need to verify your identity. If we cannot resolve your concern, you can contact:

  • OAIC (Australia): oaic.gov.au
  • Privacy Commissioner (NZ): privacy.org.nz
  • Your local Supervisory Authority (EEA/UK)
 
 

14) Marketing communications

You can opt out of marketing emails by clicking unsubscribe or contacting us. We may still send service or transactional messages (e.g., security, billing, product notices).

 

 

15) Third-party links

The Site may contain links to third-party websites or services. Their privacy practices are not governed by this Policy. Review their privacy policies before providing personal information.

 

 

16) Children’s privacy

Our Services are not intended for children under 16, and we do not knowingly collect their personal information. If you believe a child has provided personal information to us, contact hello@linkki.ai and we will delete it.

 

 

17) Changes to this Policy

We may update this Policy from time to time. The “Last updated” date indicates the latest revision. If changes materially affect your rights, we will provide advance notice (e.g., email or in-app).

 

 

18) Sub-processor list (summary)

We maintain an up-to-date list; typical categories include:

  • Cloud hosting & storage: [e.g., AWS/Azure/GCP in AU/NZ]
  • AI model providers/inference: [e.g., OpenAI/Anthropic/Google—configured to disable training on Customer Content where possible]
  • Email & comms: [e.g., transactional email service]
  • Payments: [e.g., Stripe]
  • Analytics/monitoring: [e.g., privacy-respecting analytics provider]
  • Support/helpdesk: [e.g., support ticketing tool]

To receive the current list, email hello@linkki.ai.