This Privacy Policy explains how Geodd LLC collects, uses, discloses, retains, and protects personal data in connection with our website, dashboard, communications, and Services.
This Privacy Policy should be read together with Geodd’s Terms of Service, Data Protection Addendum, Subprocessor List, Security Measures page, Cookie Policy, and International Data Transfers page.
For privacy questions or data protection requests, contact: [email protected].
For security questions, contact: [email protected].
For legal notices, contact: [email protected].
Geodd LLC is the entity responsible for providing the Services.
Geodd LLC
1007 N Orange St., 4th Floor, Suite #1382
United States
Website: geodd.io
Privacy contact: [email protected]
Security contact: [email protected]
Support contact: [email protected]
Legal notices: [email protected]
For purposes of this Privacy Policy, “Geodd,” “we,” “us,” or “our” means Geodd LLC.
This Privacy Policy applies to personal data that Geodd processes in connection with:
This Privacy Policy does not replace any Data Protection Addendum between Geodd and a Customer. Where Geodd processes Customer Personal Data as a processor on behalf of a Customer, Geodd’s processing is governed by the applicable Data Protection Addendum.
Geodd’s Data Protection Addendum is available at: geodd.io/legal/data-protection-addendum
Geodd may act as either a controller or a processor depending on the context.
Geodd acts as an independent controller for personal data processed for our own business purposes, including:
Geodd generally acts as a processor where it processes Customer Personal Data submitted by or on behalf of a Customer through the Services solely to provide the Services under the Customer’s instructions.
This may include Customer-submitted API content and Customer end-user data submitted through the API, if any.
Customers are responsible for ensuring that they have a lawful basis and all required rights, notices, consents, authorizations, and permissions to submit personal data to the Services.
Geodd provides AI infrastructure services, including:
For EU/EEA and UK customers, Geodd may provide API access to AI models, dedicated managed AI inference endpoints, dedicated GPUs, managed servers, bare metal, and infrastructure services.
Geodd may collect the following categories of personal data.
Geodd does not store full payment card details unless expressly stated. Payment processing may be handled by third-party payment providers.
For AI model API services, Geodd processes prompts, inputs, outputs, request bodies, and response bodies transiently to provide the requested inference response.
Unless separately agreed in writing, Geodd does not store:
Geodd does not use API data for model training and does not conduct human review of prompts or outputs by default.
Geodd may retain limited metadata for billing, usage measurement, security, troubleshooting, service operation, fraud prevention, legal, and compliance purposes.
Geodd uses personal data for the following purposes.
We use personal data to:
We use personal data to:
We use personal data to:
We use personal data to:
Where permitted by law, we may use contact information to send marketing communications about Geodd.
Users can opt out of marketing emails at any time by using the unsubscribe link or contacting [email protected].
Geodd does not use API prompts, inputs, outputs, request bodies, or response bodies for marketing, model training, fine-tuning, or analytics.
Where GDPR, UK GDPR, or similar laws apply, Geodd relies on one or more of the following legal bases:
Customer is responsible for determining whether personal data submitted to the Services includes sensitive, special category, regulated, or high-risk personal data under applicable data protection laws.
Geodd’s Services are designed to process Customer-submitted data according to Customer’s instructions. Geodd does not require Customers to submit sensitive or regulated data in order to use the Services.
If Customer submits sensitive, special category, regulated, or high-risk personal data to the Services, Customer is responsible for ensuring that it has all required lawful bases, notices, consents, authorizations, permissions, safeguards, and contractual rights necessary for such processing.
Unless expressly agreed in writing, Geodd does not provide Services specifically intended for HIPAA-regulated protected health information, children’s data, biometric identification, criminal offense records, or other legally restricted workloads requiring dedicated contractual or regulatory controls.
Geodd’s Services are intended for users who are at least 18 years old.
Geodd may share personal data with the following categories of recipients.
We may share personal data with vendors, service providers, and subprocessors that help us provide, secure, support, and operate the Services.
These may include providers for:
Geodd’s Subprocessor List is available at: geodd.io/legal/subprocessors
Some third-party services may act as independent controllers depending on how they are used, such as payment providers, analytics providers, or communication platforms.
Their processing may be governed by their own privacy notices and legal terms.
We may disclose personal data where necessary to:
If Geodd is involved in a merger, acquisition, financing, corporate reorganization, sale of assets, or similar transaction, personal data may be disclosed or transferred as part of that transaction, subject to appropriate safeguards.
Geodd does not sell Customer Personal Data.
Geodd does not use Customer Personal Data submitted through the API for targeted advertising, model training, or unrelated commercial purposes.
Geodd uses cookies and similar technologies for website operation, authentication, consent management, analytics, and marketing where applicable.
Cookies may include:
| Tool | Provider | Purpose | Category | Duration |
|---|---|---|---|---|
| Auth Token | Geodd | Maintains logged-in sessions | Essential | 24 months |
| Consent Preference | Geodd | Stores cookie consent choices | Essential | 12 months |
| Google Analytics | Analyzes website traffic and usage | Analytics | 24 months | |
| GTag Consent | Communicates consent status to Google services | Analytics / consent management | Session | |
| Meta Pixel | Meta | Marketing and conversion tracking, where enabled | Marketing | As configured in the Cookie Policy |
| LinkedIn Pixel | Marketing and conversion tracking, where enabled | Marketing | As configured in the Cookie Policy |
For EU/UK users, non-essential cookies and tracking technologies should not load before valid consent is obtained.
Users can manage cookie preferences through Geodd’s cookie banner, cookie settings, or browser settings.
More information is available in Geodd’s Cookie Policy: geodd.io/legal/cookie-policy
Geodd uses technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Security measures may include:
Geodd’s Security Measures page is available at: geodd.io/trust-center/security-measures
No method of transmission or storage is completely secure. Customers are responsible for keeping API keys, credentials, and access permissions secure.
Geodd retains personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
| Data Type | Retention / Handling |
|---|---|
| API prompts / inputs | Not stored |
| API outputs / completions | Not stored |
| API request bodies | Not stored |
| API response bodies | Not stored |
| Uploaded files | Not supported / not stored unless separately agreed |
| Embeddings | Not stored unless separately agreed |
| Customer datasets | Not stored unless separately agreed |
| Fine-tuning data | Not supported unless separately agreed |
| Limited API metadata | Retained as needed for billing, usage measurement, security, troubleshooting, service operation, fraud prevention, legal, and compliance purposes |
| Billing / financial usage records | 7 years |
| Billing / tax records | 7 years |
| Security logs | 12 months unless longer retention is required |
| Support tickets | 12 months unless longer retention is required |
| Marketing records | Until unsubscribe plus 2 years |
| Marketing consent records | 6 years |
| Database backups | 30-day rolling backups |
| Deleted account data | Deleted within 30 days, except lawful retained records and backup expiry |
Billing and financial usage records may be retained for legal, tax, billing, fraud prevention, security, dispute, and compliance reasons.
Backup deletion occurs through normal backup expiry cycles and not by immediate deletion from all backups.
Customers may request deletion of their account by emailing [email protected] or by using any deletion functionality made available in the Services.
Where Customer requests account deletion, Geodd will delete or deactivate the account within a reasonable period and, where applicable, delete associated account data within 30 days, except for records that Geodd is required or permitted to retain for legal, tax, billing, security, fraud prevention, dispute, compliance, or legitimate business purposes.
API prompts, inputs, outputs, completions, request bodies, and response bodies are not available for export, correction, or deletion after processing where Geodd does not store them.
Geodd LLC is established in the United States.
For EU customers, API inference is hosted in EU data center infrastructure by default. EU/UK customers may also choose non-EU infrastructure, in which case API requests may be routed outside the EU/UK for inference processing.
Support and administrative access may occur from Geodd operational locations, including Sri Lanka, where necessary for support, security, debugging, service operations, billing, legal, and compliance.
Where personal data is transferred to or accessed from a country that has not been recognized as providing an adequate level of protection, Geodd uses appropriate transfer safeguards as described in its Data Protection Addendum and International Data Transfers page.
These safeguards may include:
Geodd’s International Data Transfers page is available at: geodd.io/legal/international-data-transfers
Depending on where you are located and which laws apply, you may have rights to:
To make a request, contact [email protected].
We may need to verify your identity before responding.
If your request relates to personal data submitted to Geodd by a Customer for processing under that Customer’s instructions, we may redirect your request to the relevant Customer unless legally required to respond directly.
Geodd will respond to rights requests within the timeframe required by applicable law.
If California privacy laws apply, California residents may have additional rights, including the right to know, access, correct, delete, and opt out of certain disclosures of personal information.
Geodd does not sell Customer Personal Data.
Geodd does not use Customer Personal Data submitted through the API for cross-context behavioral advertising.
To exercise California privacy rights, contact [email protected].
Users may opt out of marketing communications at any time by using the unsubscribe link in the email or contacting [email protected].
Even after opting out of marketing communications, users may still receive service, security, legal, billing, or administrative messages.
Geodd does not use Customer Personal Data submitted through the API to make automated decisions that produce legal or similarly significant effects on Data Subjects.
Customers are responsible for determining whether their own use of Geodd’s Services involves automated decision-making under applicable law.
Geodd’s Services are intended for users who are at least 18 years old.
Geodd does not knowingly collect personal data from children or provide Services specifically intended for children unless expressly agreed in writing and supported by appropriate legal safeguards.
If you believe a child has provided personal data to Geodd, contact [email protected].
Geodd LLC is not currently established in the EU or UK.
Geodd is in the process of appointing an EU representative and assessing or appointing a UK representative where required.
Until representative details are published, privacy-related inquiries may be sent to [email protected].
Geodd may update this Privacy Policy from time to time to reflect changes in law, Services, vendors, security practices, data handling practices, or business operations.
If changes are material, Geodd will provide notice by reasonable means, such as through the website, dashboard, email, or other electronic notice.
The “Last Updated” date shows when this Privacy Policy was last revised.
For privacy questions, data protection requests, or rights requests: [email protected]
For security questions: [email protected]
For support: [email protected]
For legal notices: [email protected]