Privacy Policy

01 Who we are

Cadive is a GEO agency. GEO means generative engine optimization: we help brands show up as a top recommendation when people ask AI assistants like ChatGPT, Claude, and Perplexity for the best option. Cadive is an independent operation run by Leo Falcon and works with clients remotely.

For the purposes of this policy, Cadive is the data controller responsible for your information. You can reach us any time at hello@cadive.net. If you have a privacy question, that is the address to use.

02 What we collect

We only collect what we need to run the site and answer you. There are three places data comes in.

Contact form

When you use the contact form on our homepage, we collect what you type into it:

• Your name, so we know who we are talking to.
• Your email address, so we can reply.
• Your message, the details of your brand and what you want to discuss.
• An optional budget range, if you choose to share it.

Technical data for security

When a form is submitted, our server records the submitter's IP address and browser user-agent alongside the message. We use this only to detect and block spam and abuse, and to rate-limit submissions so the form cannot be flooded. It is not used to profile you or to advertise to you.

The HQ session cookie

If you log in to our members area (HQ), we set a single, strictly necessary session cookie so you stay signed in. It is described in full under "Cookies" below. The public website sets no cookies until and unless you log in.

03 Why we collect it, and our legal basis

Under the GDPR we have to tell you the lawful basis for each use. Here it is in plain terms.

• To reply to your enquiry. We process your name, email, and message to respond and to discuss a possible project. The basis is taking steps at your request before any agreement, and our legitimate interest in answering people who contact us.
• To keep the service secure. We process IP address and user-agent for spam prevention, abuse detection, and rate-limiting. The basis is our legitimate interest in protecting the site and other visitors from misuse.
• To keep you logged in. If you use HQ, the session cookie is set on the basis that it is strictly necessary to provide the login you asked for.

04 How long we keep it

We do not hold data longer than it is useful.

• Enquiry data is kept while your enquiry is active and for as long as it is reasonably relevant to a conversation or project. When it is no longer needed, we delete it.
• Security data such as IP and user-agent is short-lived. It exists for spam and abuse prevention and is cleared on a rolling basis once it has served that purpose.
• The session cookie lasts only for your login session and expires when it is no longer valid.

If you ask us to delete your data sooner, we will, unless we are legally required to keep something.

05 Who we share it with

We do not sell your data, and we do not share it with advertisers. There is no ad network and no data broker involved at any point.

The site runs on Cloudflare, which provides our hosting, our Workers runtime, and our database (Cloudflare D1). Cloudflare processes data strictly on our behalf and only to keep the service running. They act as our processor, not as an independent user of your data.

We may also disclose data if the law genuinely requires it, for example a valid legal request. That is the full list. No one else gets your information.

06 Cookies

The public site uses no tracking cookies, no advertising cookies, and no third-party analytics. We do not run Google Analytics or anything like it.

The only cookie we ever set is the essential HQ session cookie, and it is only set if you log in to the members area. It is HttpOnly, so it cannot be read by scripts in the browser, and it exists purely to keep you signed in. Because it is strictly necessary for a feature you actively requested, it does not require a consent banner under the rules for essential cookies.

07 Your rights

If you are in the EU, the UK, or a region with similar laws, the GDPR and equivalent rules give you rights over your data, and we honour them. You can ask us to:

• Access the data we hold about you.
• Correct anything that is wrong or out of date.
• Erase your data where there is no overriding reason for us to keep it.
• Object to processing we carry out on the basis of legitimate interest.
• Receive a copy of your data in a portable format, or have it sent on.

To use any of these, email hello@cadive.net and we will deal with it. You also have the right to complain to your local data protection authority if you are not satisfied with how we have handled your data.

08 Data security

We take reasonable, modern measures to protect your data. Traffic to and from the site is encrypted in transit over HTTPS. Any account passwords for HQ are stored hashed, never in plain text. Access to the database is restricted, and we keep the moving parts of the system to a minimum so there is less to protect in the first place.

No system is perfectly secure, but we treat your data with the care we would want for our own.

09 Children

This site is not directed at children. We do not knowingly collect data from anyone under 16, or under 13 where that is the relevant local age. If you believe a child has sent us information, contact us and we will delete it.

10 International transfers

Our infrastructure provider, Cloudflare, operates a global network, so your data may be processed on servers outside your own country. Where data crosses borders, it is protected by the appropriate safeguards, such as the standard contractual clauses that providers like Cloudflare put in place for international transfers.

11 Changes to this policy

We may update this policy as the site evolves or the law changes. When we do, we will revise the "Last updated" date at the top. The current version is always the one published here.