Privacy Policy

Last updated: 13 February 2026

1. Introduction

This Privacy Policy explains how Justify Ltd ("Justify", "we", "us", "our") collects, uses, stores, shares, and protects information when you visit justify.app and its subdomains or use any of our services.

2. Who we are

Justify Ltd is a company registered in England and Wales under company number 16000647.

Registered address: Sunnyside, Back Lane, Stratford-upon-Avon, Warwickshire, CV37 8XA, United Kingdom.

ICO registration number: CSN2326977.

We act as the controller of your personal data. We have appointed a Data Protection Officer ("DPO") to oversee compliance with this policy. You can contact the DPO via our in-app chat or by writing to our registered address.

3. The data we collect

"Personal data" means any information relating to a person that can identify them, directly or indirectly. We may collect and process the following categories:

  • Identity Data: First name, last name, username, or similar identifiers.
  • Contact Data: Email address, phone number(s), postal address.
  • Account Data: Username, password, preferences, survey responses, and feedback.
  • Financial Data: Payment references and billing details necessary to process transactions. Card numbers are processed directly by our payment provider and are not stored by us.
  • Transaction Data: Records of purchases, subscriptions, or other interactions with our services.
  • Technical Data: IP addresses, login data, browser type, device identifiers, operating system, approximate geographic location derived from IP address, and platform details.
  • Usage Data: Pages visited, time spent on site, features used, referral URLs, and other analytics about how you interact with our services.
  • Marketing & Communications Data: Your preferences regarding marketing communications and notifications.
  • Content Data: Campaign materials, creative assets, video content, and text you upload or enter into our platform, including content entered into AI-powered features.

We do not collect special category data (e.g. health or religious beliefs) unless we have your explicit consent.

4. How we collect your data

Direct interactions: You provide data when you create an account, update your profile, contact us, subscribe, fill in forms, upload content, or respond to surveys.

Automated technologies: As you use our services, we automatically collect Technical Data and Usage Data using cookies, server logs, and similar technologies. See our Cookie Policy for details.

Third-party sources: We may receive data from payment processors, social media platforms (when you link an account), e-commerce partners, and survey panel providers.

5. Lawful basis for processing

We only process your personal data where we have a valid legal basis under UK data protection law:

  • Performance of a Contract: When processing is necessary to provide the services you have requested (e.g. managing your account, enabling payment).
  • Legitimate Interests: When processing is required for our legitimate interests (e.g. improving our services, preventing fraud), and your rights do not override those interests.
  • Consent: When you have agreed to receive marketing communications or to the use of non-essential cookies. You may withdraw consent at any time.
  • Legal Obligation: When processing is necessary to comply with legal obligations, such as tax or accounting rules.

6. How we use your data

We may use your personal data for the following purposes:

  • Account management: To set up, maintain, and secure your user account.
  • Service delivery: To process transactions, provide support, and ensure functionality.
  • Communication: To send notifications about updates, security alerts, or billing information.
  • Marketing: To inform you about new features or offers, if you have not opted out.
  • Analytics and improvement: To analyse usage trends, monitor engagement, and improve user experience.
  • AI-assisted analysis: Some features use artificial intelligence (provided by OpenAI, Google, Anthropic, and ElevenLabs) to generate analysis, recommendations, and content. Data you enter into AI-powered features is sent to these providers for processing. We do not permit these providers to use your data for model training.
  • Legal compliance: To fulfil our legal obligations or respond to lawful regulatory requests.

We use AI-assisted scoring and analysis tools to support campaign measurement, influencer evaluation, and content testing. These outputs inform — but do not replace — human decisions.

7. Sharing and disclosure

We do not sell your personal data. We share it only with service providers that help us run the platform:

  • Database hosting: Neon
  • Caching and rate limiting: Upstash
  • Authentication: Clerk
  • Payments: Stripe
  • Cloud hosting: Vercel, AWS
  • Background jobs: Trigger.dev
  • AI and content generation: OpenAI, Google, Anthropic, ElevenLabs
  • Email delivery: Resend
  • Video processing: Mux
  • Marketing: HubSpot
  • Social analytics: InsightIQ
  • Survey panels: Cint
  • E-commerce integration: Shopify, TikTok Shop (where you connect these services)

A complete list of sub-processors is available on our website.

We may also share data if required by law, to protect our rights or the safety of others, or in connection with a business transfer, provided the acquirer agrees to comply with this policy.

8. International transfers

Where your personal data is transferred outside the UK or EEA, we ensure equivalent protection using:

  • Adequacy Decisions: Where the destination country has adequate data protection laws.
  • Standard Contractual Clauses: Contractual safeguards between us and the recipient.

Some providers are based in the United States; we use Standard Contractual Clauses or the UK–US Data Bridge. You can request a copy of these safeguards by contacting us via chat.

9. Cookies and tracking technologies

We use cookies and similar technologies to collect Technical Data about your browsing actions and usage patterns. Non-essential cookies are set only after you accept our cookie banner.

For detailed information about each cookie we use, including how to manage your preferences, please see our Cookie Policy.

10. Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, and misuse, including:

  • Access controls: Granting employees and contractors only the access needed to perform their roles.
  • Encryption: Securing data in transit and at rest.
  • PII protection: Automatically sanitising personal data in system logs.
  • Ongoing monitoring: Regularly reviewing our data collection, storage, and processing practices.

11. Data retention

We keep personal data only for as long as necessary to fulfil the purposes outlined in this policy, including legal, accounting, and dispute-resolution duties:

  • Billing data: 7 years (tax regulations).
  • Diagnostic logs: 90 days.
  • Soft-deleted accounts: 30 days, then permanently purged.
  • Campaign data: Duration of service plus 1 year.

When data is no longer needed, we delete or anonymise it.

12. Your rights

Under UK data protection law, you have the right to:

  • Access a copy of the personal data we hold about you.
  • Rectify incomplete or inaccurate data.
  • Erase your data where there is no lawful basis to continue processing.
  • Restrict how we process your data in certain circumstances.
  • Object to processing based on our legitimate interests or for direct marketing.
  • Data portability: Request transfer of your data in a structured, machine-readable format.
  • Withdraw consent at any time where consent is the legal basis.

To exercise any of these rights, contact us via our in-app chat. We may confirm your identity to protect against fraudulent requests. We aim to respond within one month, which may be extended by up to two further months for complex requests.

13. Children's privacy

Our services are intended for business users and are not aimed at anyone under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with information, please contact us and we will remove it promptly.

14. Changes to this policy

We may revise this policy to reflect changes in our practices or for legal or regulatory reasons. Material changes will be notified to you directly and posted on our website.

15. Contact and complaints

If you have questions or concerns about this policy, contact our DPO via our in-app chat or by writing to our registered address.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. We would appreciate the opportunity to address your concerns before you approach the ICO.

Need Help Choosing the Right Plan?

Start Chat
Justify Your Social Spend
Request a Demo

Quick Links

Features

Compare

vs. ThisThat
vs. OnDevice
vs. HappyDemics
vs. Group RFZ
vs. Attest
vs. On Platform

Company

Cookie Policy
Privacy Policy
Terms of Service

Need Help?

Start Chat
[YEAR]