Privacy Policy

At Signal House, we take your privacy seriously. This Privacy Policy outlines the types of personal information that we collect and how we use it.

1. Introduction and Data Controller

Signal House ("we," "our," or "us") is committed to protecting your privacy and personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws in the European Union. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website signalhouse.agency or engage our Generative Engine Optimization (GEO) consultancy services.

Data Controller:Signal HousePrague, Czech RepublicEmail: privacy@signalhouse.agencyWebsite: signalhouse.agency

2. Legal Basis for Processing

We process personal data only when we have a valid legal basis under GDPR Article 6. Our legal bases for processing include:

  • Consent: You have given explicit consent for specific processing activities (e.g., marketing communications, cookies)

  • Contract: Processing is necessary to perform our contractual obligations to you

  • Legal Obligation: Processing is required to comply with legal requirements

  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your fundamental rights and freedoms

3. Information We Collect

3.1 Personal Data Collected Directly

When you engage with Signal House, we may collect the following categories of personal data:

  • Contact Information: Name, email address, phone number, company name, job title, business address

  • Account Information: Login credentials, account preferences, service history

  • Financial Information: Billing address, payment method details (processed through secure third-party payment processors), tax identification numbers where required

  • Business Information: Company website URLs, content samples, brand guidelines, competitive intelligence needs, business objectives

  • Communication Data: Correspondence via email, contact forms, phone calls, video conferences, and other communication channels

  • Project Data: Information provided during GEO audits, content samples, website access credentials, analytics data, competitive analysis requirements

3.2 Data Collected Automatically

When you visit our website, we automatically collect certain information through cookies and similar technologies:

  • Technical Data: IP address, browser type and version, device type, operating system, screen resolution, language preferences

  • Usage Data: Pages visited, time spent on pages, navigation paths, referral sources, exit pages, click patterns

  • Location Data: Approximate geographic location based on IP address

3.3 Data from Third-Party Sources

We may receive information from:

  • Business partners and referral sources

  • Publicly available sources (LinkedIn, company websites, professional directories)

  • Analytics providers (Google Analytics, website analytics tools)

  • Marketing platforms (email marketing services, CRM systems)

4. How We Use Your Information

4.1 Service Delivery

We use your information to:

  • Provide GEO audit services and consultancy

  • Conduct visibility assessments across AI platforms (ChatGPT, Claude, Perplexity, Google AI Overviews, Gemini)

  • Analyze your content, website structure, and competitive positioning

  • Generate custom reports, recommendations, and strategic guidance

  • Communicate with you regarding project status and deliverables

4.2 Business Operations

We process data to:

  • Process payments and manage billing

  • Maintain accurate financial records and tax compliance

  • Respond to inquiries and provide customer support

  • Manage and improve our website functionality

4.3 Marketing and Communication

With your consent, we use data to:

  • Send newsletters, industry insights, and GEO best practices

  • Provide information about new services and offerings

  • Invite you to webinars, workshops, and events

  • Conduct market research and gather feedback

4.4 Analytics and Improvement

We analyze data to:

  • Understand website usage patterns and user behavior

  • Improve our services, methodologies, and deliverables

  • Develop new features and service offerings

  • Create aggregated, anonymized industry benchmarks and insights

4.5 Legal Compliance and Security

We process data to:

  • Comply with legal obligations and regulatory requirements

  • Enforce our Terms of Use and protect our legal rights

  • Detect, prevent, and address fraud, security issues, and technical problems

  • Respond to legal requests and prevent harm

5. Data Sharing and Disclosure

5.1 Service Providers

We may share your data with trusted third-party service providers who assist us in operating our business:

  • Cloud Hosting Providers: For website hosting and data storage

  • Payment Processors: For secure payment processing (e.g., Stripe, PayPal)

  • Email Service Providers: For email communications and marketing

  • Analytics Providers: For website analytics (e.g., Google Analytics)

  • CRM Systems: For customer relationship management

  • Project Management Tools: For collaboration and project delivery

All service providers are bound by data processing agreements and are required to protect your data in accordance with GDPR standards.

5.2 Business Partners

We may share limited information with strategic partners for joint marketing initiatives, referrals, or co-delivery of services, but only with your prior consent or where permitted by legitimate business interests.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal requests from courts or government authorities

  • Legal processes such as subpoenas or court orders

  • Protection of our rights, property, or safety

  • Investigation of potential violations of our Terms of Use

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website of any change in ownership or control of your personal information.

5.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot be used to identify you for research, industry benchmarking, marketing, and other business purposes. This data does not constitute personal data under GDPR.

6. International Data Transfers

Signal House is based in the European Union (Czech Republic). However, some of our service providers may be located outside the EU/EEA. When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs) approved by the European Commission

  • Adequacy decisions recognizing equivalent data protection standards

  • Binding Corporate Rules for multinational service providers

You have the right to obtain information about the safeguards we have put in place for international transfers and to obtain a copy of such safeguards by contacting us.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods are:

  • Client Data: Retained for the duration of our service relationship plus 6 years for legal and tax compliance purposes

  • Financial Records: Retained for 10 years in accordance with Czech tax and accounting laws

  • Marketing Data: Retained until you withdraw consent or request deletion, up to 3 years of inactivity

  • Website Analytics: Typically retained for 26 months (Google Analytics default)

  • Project Work Product: Retained for 3 years after project completion for reference and continuity

When data is no longer needed, we securely delete or anonymize it in accordance with data protection best practices.

8. Your Rights Under GDPR

As a data subject in the European Union, you have the following rights:

8.1 Right of Access (Article 15)

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data, along with information about the processing.

8.2 Right to Rectification (Article 16)

You have the right to request correction of inaccurate personal data and completion of incomplete personal data.

8.3 Right to Erasure (Article 17)

You have the right to request deletion of your personal data under certain circumstances, including when the data is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when you object to processing.

8.4 Right to Restriction of Processing (Article 18)

You have the right to request limitation of processing your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

8.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

8.6 Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.

8.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

8.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of alleged infringement. In the Czech Republic, the supervisory authority is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů).

To exercise any of these rights, please contact us at privacy@signalhouse.agency. We will respond to your request within one month, or two months for complex requests, and will verify your identity before processing your request.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage:

  • Encryption: Data in transit is encrypted using TLS/SSL protocols; sensitive data at rest is encrypted

  • Access Controls: Role-based access controls, multi-factor authentication, and regular access reviews

  • Security Monitoring: Continuous monitoring for security threats and vulnerabilities

  • Employee Training: Regular data protection and security awareness training

  • Incident Response: Documented procedures for responding to data breaches

  • Regular Audits: Periodic security assessments and penetration testing

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify affected individuals without undue delay.

10. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us immediately.

11. Automated Decision-Making and Profiling

Signal House does not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects you. Any analytics or profiling we conduct is for aggregate business intelligence purposes only and does not result in automated decisions affecting individual data subjects.

12. Marketing Communications

We will only send you marketing communications if you have given explicit consent or where permitted by legitimate business interests (existing client relationships). You can opt out of marketing communications at any time by:

  • Clicking the unsubscribe link in any marketing email

  • Contacting us directly at privacy@signalhouse.agency

  • Updating your communication preferences in your account settings

Even if you opt out of marketing communications, we will still send you transactional and service-related messages necessary for our business relationship.

13. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. For detailed information about our use of cookies, please refer to our separate Cookie Policy. By using our website, you consent to the use of cookies in accordance with that policy.

14. Third-Party Links

Our website may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on our website with a new 'Last Updated' date

  • Sending email notification to registered clients

  • Displaying a prominent notice on our website

Your continued use of our services after changes become effective constitutes acceptance of the revised Privacy Policy.

16. Contact Us and Data Protection Officer

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Privacy Contact:

Signal House

Prague, Czech Republic

Email: privacy@signalhouse.agency

Website: signalhouse.agency

We will respond to your inquiry within a reasonable timeframe and no later than one month from receipt of your request, as required by GDPR.

17. Supervisory Authority

If you have concerns about our data processing practices, you may contact the Czech data protection authority:

Office for Personal Data Protection (Úřad pro ochranu osobních údajů)

Pplk. Sochora 27

170 00 Prague 7

Czech Republic

Website: uoou.cz

Email: posta@uoou.cz