Last updated: May 29, 2026
Algorythmic (“we,” “us,” “our”) is an SEO and AI search optimization consultancy operated by Lily Ray and based in the United States. This Privacy Policy explains how we collect, use, share, and protect information when you visit algorythmic.co (the “Site”) or contact us through it.
This policy is designed to comply with the EU and UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the CPRA (collectively, “CCPA”), and other applicable U.S. state privacy laws.
1. Information We Collect
Information you provide to us
When you submit the contact form on the Site, we collect the information you choose to provide, which typically includes your name, email address, company (if provided), and the contents of your message. We use this information solely to respond to your inquiry.
Information collected automatically
When you visit the Site, we use Google Analytics 4 to collect limited information about your visit, including approximate location (derived from IP address, which Google Analytics shortens before storage), device and browser type, operating system, pages viewed, referring site, and time spent on the Site. We have configured Google Analytics with IP anonymization and do not enable Google Signals or advertising features.
Our hosting provider may also retain standard server logs (IP address, request timestamp, user agent) for security and operational purposes. For details on the specific cookies set, please see our Cookie Policy.
2. How We Use Information
We use the information we collect to respond to inquiries and provide requested information; operate, maintain, and secure the Site; analyze aggregated traffic patterns to improve content and performance; and comply with legal obligations.
We do not sell or share personal information for cross-context behavioral advertising. We do not use your information for automated decision-making that produces legal or similarly significant effects.
3. Legal Bases for Processing (EU/UK Visitors)
If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases under GDPR Article 6:
- Consent — for analytics cookies and any non-essential cookies, obtained through our consent banner.
- Legitimate interests — for responding to your inquiries, securing the Site, and understanding aggregated usage. We have assessed that these interests are not overridden by your rights or freedoms.
- Legal obligation — where required by applicable law.
4. How We Share Information
We share information only with service providers who process it on our behalf under contractual confidentiality and data-protection obligations, and only as necessary to operate the Site:
- WP Engine — website hosting (United States).
- Google LLC — Google Analytics 4 for aggregated traffic measurement.
- Email service provider — to transmit contact-form submissions to us.
- Content delivery and security providers — to deliver the Site reliably and protect against abuse.
We may also disclose information when required by law, court order, or governmental request, or to protect our rights, property, or safety, or that of others.
We do not sell personal information, and we do not share personal information for cross-context behavioral advertising as those terms are defined under the CCPA.
5. Data Retention
We retain contact-form submissions for as long as necessary to respond to and follow up on your inquiry, and thereafter for a reasonable period (typically up to 24 months) for record-keeping, unless a longer retention is required by law. Google Analytics data is retained for 14 months and then automatically deleted. Server logs are retained for a short period for security purposes.
6. International Data Transfers
We are based in the United States, and our service providers are primarily located in the United States. If you access the Site from outside the U.S., your information will be transferred to and processed in the U.S. Where required, we rely on the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum as the lawful mechanism for such transfers.
7. Your Privacy Rights
EU / UK (GDPR)
If you are located in the EEA or UK, you have the right to: access the personal data we hold about you; request correction of inaccurate data; request erasure (“right to be forgotten”); request restriction of processing; object to processing based on legitimate interests; receive your data in a portable format; and withdraw consent at any time for processing based on consent (without affecting the lawfulness of prior processing). You also have the right to lodge a complaint with your local supervisory authority.
California (CCPA / CPRA) and other U.S. states
If you are a California resident, you have the right to know what personal information we collect, use, and disclose; the right to delete personal information; the right to correct inaccurate personal information; the right to opt out of sale or sharing for cross-context behavioral advertising (we do not engage in either); the right to limit use of sensitive personal information (we do not collect sensitive personal information for inferring characteristics); and the right not to be discriminated against for exercising your rights. Similar rights apply to residents of other U.S. states that have enacted comprehensive privacy laws.
How to exercise your rights
To exercise any of these rights, contact us using the contact information in Section 11 below. We may need to verify your identity before fulfilling certain requests. We will respond within the timeframes required by applicable law (typically 30 days under GDPR; 45 days under CCPA). You may also authorize an agent to make a request on your behalf, subject to verification.
8. Security
We use commercially reasonable administrative, technical, and physical safeguards to protect information against loss, misuse, unauthorized access, disclosure, or alteration. No transmission over the internet or method of storage is fully secure, however, and we cannot guarantee absolute security.
9. Children’s Privacy
The Site is not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us personal information, please contact us and we will delete it.
10. Third-Party Links
The Site may contain links to third-party sites (for example, articles, social profiles, or partner sites). We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
11. Contact Us
For questions about this Privacy Policy or to exercise your privacy rights, contact us via the form at algorythmic.co/contact.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. Material changes will be highlighted on the Site.