Skip to content
DealIndex .ai
Every deal price-checked against 90 days of real data. No sponsored deals. No fake discounts.

Legal · last updated 17 April 2026

Privacy policy

DealIndex.ai ("DealIndex", "we") is operated by Orokrt Retail Ltd, a company registered in England and Wales (the "controller"). This page explains what we collect, why, how long we keep it, and the rights you have over it.

What we collect

  • Email address — only when you sign up to the newsletter, set up a price alert, or contact us. Lawful basis: consent (newsletter, alerts) or legitimate interest (replying to a contact-form message).
  • Hashed IP address — for the affiliate-click handler at /api/go/…, for the contact form, and for the MCP server's per-IP rate limit. We hash with SHA-256 immediately and never persist a raw address. Lawful basis: legitimate interest (rate limiting, fraud prevention).
  • User-agent + referer headers — for the same three surfaces, kept alongside the hashed IP. Used for attribution debugging only.
  • Aggregated page-view data — via Plausible Analytics, which does not use cookies and does not collect personal data. There is no consent banner because there's nothing to consent to.

What we don't collect

  • No advertising or tracking cookies. No Facebook Pixel, no Google Ads retargeting.
  • No cross-site profiling.
  • No client-side conversation history beyond your own browser (the on-site chat keeps the last 20 messages in localStorage; clear your site data and they're gone).
  • No payment information — we don't sell anything directly.

Where the data lives

Supabase (Postgres) hosted in the EU region. Cloudflare for the edge network and CDN. Anthropic (US) for the AI assistant — only your free-form chat messages are sent there, no email or IP. Beehiiv (US) for the newsletter list.

How long we keep it

  • Newsletter subscribers: until you unsubscribe.
  • Price alerts: until you cancel them or the alert is delivered.
  • Hashed IPs from the contact form and click handler: 90 days.
  • Plausible aggregated data: indefinite (no PII).
  • Chat session logs: 90 days, then anonymised (we keep the query + the recommendation but drop any session identifier).

Your rights

You can ask us at any time, free of charge, to:

  • Access the data we hold on you.
  • Correct it.
  • Delete it (right to erasure).
  • Restrict or object to processing.
  • Receive a copy in a machine-readable format (data portability).

Email [email protected] and we'll action it within 30 days. You can also complain to the ICO if you're not happy with our response — ico.org.uk/make-a-complaint.

Affiliate links

DealIndex earns a commission on qualifying purchases via Amazon Associates, Awin and Skimlinks. The affiliate redirect adds attribution parameters to the outbound URL — see /affiliate-disclosure.

Changes

Material changes will be flagged on the homepage for two weeks before they take effect. Editorial fixes (typos, broken links) update the "last updated" date silently.