Legal

Privacy Policy.

Last updated: June 2026

1. Who we are

GetViable is a strategic delivery partner based in Newcastle Upon Tyne, United Kingdom. We help businesses build AI-first systems, founder-led brands and new products. This policy explains how we collect, use, share and protect personal information when you visit getviable.co (the "Site"), enquire about our services, or work with us under a Statement of Work.

For the purposes of UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, GetViable is the data controller in respect of the personal information we collect about you through the Site and in connection with our Services.

2. Information we collect

We collect and process the following categories of information:

  • Contact details you provide via forms, email or during discovery calls, such as your name, company, role, email address and phone number.
  • Project information shared with us as part of an engagement, including briefs, business documents, brand assets and source materials. This may incidentally include personal data of your colleagues, customers or contacts.
  • Communications between us, including emails, messages and meeting notes.
  • Billing and contractual information needed to issue invoices and manage our commercial relationship.
  • Technical and usage data automatically collected when you visit the Site, including IP address, device type, browser, referring URL, pages viewed and approximate location.
  • Cookies and similar technologies, as described in the Cookies section below.

3. How we use your information

We use personal information for the following purposes:

  • To respond to your enquiries and provide information you have requested.
  • To scope, deliver, manage and invoice our Services.
  • To communicate with you about engagements, updates and proposals.
  • To improve the Site, our marketing and our service offering.
  • To maintain our records and meet our legal, accounting and tax obligations.
  • To protect the security and integrity of our Site and systems.

We do not sell your personal information to third parties, and we do not use it for automated decision-making that produces legal or similarly significant effects about you.

4. Lawful bases for processing

We rely on the following lawful bases under UK GDPR to process your personal information:

  • Contract: where processing is necessary to enter into or perform a contract with you.
  • Legitimate interests: to run, promote and improve our business, respond to enquiries, secure our systems and provide a high-quality service, provided your rights and interests do not override ours.
  • Legal obligation: where we are required to process information to comply with the law (for example, accounting and tax requirements).
  • Consent: where you have given us specific consent, for example for certain marketing communications or non-essential cookies. You may withdraw consent at any time.

5. How we share your information

We share personal information only where necessary and with appropriate safeguards. Recipients may include:

  • Trusted service providers and subcontractors who help us deliver the Services, such as cloud hosting, analytics, communication, design, development and AI tooling providers.
  • Professional advisors such as accountants, lawyers and auditors.
  • Authorities, regulators or other parties where we are required to do so by law, to enforce our agreements, or to protect our rights, property or safety.
  • Successors in the event of a sale, merger, reorganisation or acquisition of all or part of our business.

6. International transfers

Some of our service providers are located outside the United Kingdom. Where we transfer personal data internationally, we use appropriate safeguards such as adequacy regulations, the UK International Data Transfer Agreement, or the EU Standard Contractual Clauses (with the UK Addendum) to ensure a similar level of protection.

7. Data retention

We retain personal information for as long as necessary to fulfil the purposes for which we collected it, including to satisfy legal, accounting or reporting requirements. In practice this typically means:

  • Enquiry information: up to 24 months after our last contact.
  • Client records, contracts and invoices: at least 6 years from the end of the relevant financial year, in line with HMRC requirements.
  • Marketing contacts: until you unsubscribe or ask us to stop contacting you.
  • Website analytics data: typically up to 14 months in aggregated form.

When information is no longer needed, we will securely delete or anonymise it.

8. Security

We use a combination of technical and organisational measures to protect your personal information against accidental loss, unauthorised access, alteration or disclosure. These include access controls, encryption in transit, vendor due diligence and staff training. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your rights

Under UK GDPR you have the following rights:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") in certain circumstances.
  • Right to restrict or object to processing.
  • Right to data portability for data you have provided to us.
  • Right to withdraw consent at any time, where processing is based on consent.
  • Right to lodge a complaint with the Information Commissioner's Office (ICO).

To exercise any of these rights, please contact us at hello@getviable.co. We will respond within one month, although we may need to verify your identity before acting on your request.

You can also contact the ICO directly at ico.org.uk if you believe we have not handled your personal information properly.

10. Cookies

Our Site uses cookies and similar technologies to operate, remember preferences and understand how the Site is used. Cookies fall into the following categories:

  • Strictly necessary cookies: required for the Site to function and cannot be switched off.
  • Analytics cookies: help us understand how visitors interact with the Site so we can improve it.
  • Functional cookies: remember choices you make and improve your experience.

You can manage cookies through your browser settings. Blocking some cookies may affect your experience on the Site.

11. Children

Our Site and Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate steps.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.

13. Contact

If you have any questions about this Privacy Policy, or about how we handle your personal information, please contact us at hello@getviable.co. Our base of operations is Newcastle Upon Tyne, United Kingdom.