Privacy policy

Daisy AI Limited (“Daisy,” “we,” “us,” or “our”) is a private company limited by shares registered in Ireland (company number 789730) with its registered office at 12 Lad Lane Upper, Dublin 2, D02 WT35, Ireland.

For any privacy question, email us at privacy@daisy.inc.

This notice covers personal information we collect through daisy.inc, our product, and related channels (email, events, demos).

If you are a Daisy customer, you are the controller of any Customer Data you submit to the product. We process that data on your behalf as your processor, under the terms of your subscription agreement and Data Processing Agreement.

We collect personal information in three ways:

• Directly from you — when you sign up, contact us, attend a demo, or use the product.
• Automatically — through cookies and similar technologies when you browse daisy.inc or use the product.
• From third parties — from your employer (if they provision your account), from analytics providers, or from publicly available sources.

We process personal information for the following purposes, under the legal bases listed:

• Providing the service — authenticating you, keeping you signed in, running forecasts and analytics on your data, serving support requests. Basis: performance of contract.
• Keeping the service safe — preventing abuse, detecting fraud, maintaining security and availability, meeting audit and regulatory obligations. Basis: legitimate interests and legal obligation.
• Improving the product — understanding usage patterns, diagnosing issues, testing changes on aggregated or de-identified data. Basis: legitimate interests.
• Communicating with you — responding to enquiries, sending transactional notices, occasionally sharing product updates and relevant content. Basis: performance of contract, legitimate interests, or consent.
• Meeting legal obligations — accounting, tax, anti-money-laundering, responding to lawful requests, enforcing our terms. Basis: legal obligation.

Where we rely on consent (for example, marketing emails), you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

We use a small, deliberate set of cookies and similar technologies to run the site, keep you signed in, and understand aggregated usage. We do not use advertising cookies, and we do not sell personal information. For details and how to manage your preferences, see our Cookie policy.

We share personal information only in the categories below:

• Service providers — processors who help us operate the product (hosting, database, email, analytics, support tools). They act on our documented instructions and are bound by written agreements.
• Your organisation — if you access Daisy through your employer, relevant administrators at that organisation may see your usage and account information.
• Legal and regulatory authorities — where we are legally required, or where disclosure is necessary to protect rights, property, or safety.
• Corporate transactions — if we are involved in a merger, acquisition, financing, or sale of assets, personal information may be disclosed to the counterparty, under appropriate confidentiality and continuity protections.

We can provide the current list of sub-processors on request — email privacy@daisy.inc.

Daisy AI Limited is established in Ireland. Processing primarily takes place in the European Economic Area (EEA). Some of our service providers are based outside the EEA, which means personal information may be transferred to countries that provide different data protection safeguards than your own.

Where we transfer personal information outside the EEA, we rely on an appropriate safeguard under Article 46 GDPR — in practice, the European Commission’s Standard Contractual Clauses combined with, where relevant, supplementary technical and organisational measures.

We keep personal information for as long as we need it for the purposes set out in this notice, subject to any longer retention period required by law or legitimate business need (for example, tax and audit records, defence of legal claims, security investigations).

Customer Data is retained for the term of your subscription and deleted or returned after termination in line with your agreement. Aggregated and de-identified data that can no longer be linked to an individual may be retained for research, analytics, and product improvement.

We protect personal information with encryption in transit (TLS) and at rest, tenant-level access controls, audited administrative access, and a shared responsibility model with our sub-processors. See the Security page for specifics. No system can be guaranteed 100% secure; we take reasonable steps to manage that risk and to notify customers of material incidents without undue delay.

Depending on where you live, you may have the following rights in relation to your personal information:

• Access to the information we hold about you.
• Correction of information that is inaccurate.
• Deletion (“right to be forgotten”) where the legal basis for processing no longer applies.
• Restriction or objection to processing.
• Data portability — to receive your data in a machine-readable format.
• Withdrawing consent for processing that relies on consent.
• Not being subject to automated decision-making with significant effects, where applicable.

To exercise a right, email privacy@daisy.inc. We will ask you to verify your identity before acting on the request and will respond within the timeframe required by law (typically one month under GDPR, extendable by two months for complex requests).

You also have the right to lodge a complaint with a supervisory authority. In Ireland, the supervisory authority is the Data Protection Commission (dataprotection.ie).

Our service is intended for users aged 18 and over. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, contact us and we will delete it.

Our site does not currently respond to “Do Not Track” browser signals. Where possible, we honour privacy preferences set through the cookie banner and browser controls.

We may update this notice from time to time. Material changes will be announced on daisy.inc before they take effect, with the “Last updated” date at the top reflecting the most recent revision.