GDPR Compliance Statement
Last updated: 27th January 2026
1. Our Commitment to Data Protection
ListingEngine Ltd ("ListingEngine," "we," "us," or "our") is committed to protecting personal data and complying with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR) where applicable, and the Data Protection Act 2018.
This document explains how we meet our obligations when processing personal data as both a data controller and, for business customers, a data processor.
2. Who We Are
3. Scope
This GDPR Compliance Statement applies to:
- visitors to our website;
- users of the ListingEngine.ai platform; and
- business customers whose data we process on their behalf.
This document should be read alongside our Privacy Policy and Terms of Service.
4. Lawful Bases for Processing
We process personal data only where we have a lawful basis, including:
- contractual necessity;
- legal obligation;
- legitimate interests; and
- consent, where required.
5. Personal Data We Process
Depending on use of the Service, we may process:
- names and contact details;
- account and usage data;
- listing-related content supplied by users;
- technical data such as IP addresses and logs.
We do not intentionally process special category data.
6. Data Processing for Business Customers (DPA)
Where a Business User uses ListingEngine.ai and uploads or processes personal data through the Service, the following applies:
The Business User acts as the Data Controller.
ListingEngine.ai acts as the Data Processor.
ListingEngine.ai processes personal data only on documented instructions from the Business User and solely for the purpose of providing the Service.
Our Processor Obligations
We:
- apply appropriate technical and organisational security measures;
- ensure staff are bound by confidentiality obligations;
- use trusted sub-processors (e.g. hosting and infrastructure providers) under equivalent data protection terms;
- assist Business Users with data subject requests where reasonably possible;
- notify Business Users without undue delay in the event of a personal data breach.
International Transfers
Where personal data is transferred outside the UK or EEA, appropriate safeguards are used, including adequacy decisions or approved contractual clauses.
End of Service
Upon termination of the Service, and where requested, we will delete or return personal data within a reasonable time, subject to legal retention requirements.
This section constitutes the Data Processing Addendum (DPA) for Business Users.
7. Data Security
We implement appropriate technical and organisational measures to protect personal data, including access controls, secure infrastructure, and encryption in transit where appropriate.
8. Data Retention
Personal data is retained only for as long as necessary to provide the Service, comply with legal obligations, or resolve disputes. Data is securely deleted or anonymised when no longer required.
9. Data Subject Rights
Individuals have the right to:
- access, correct, or delete their data;
- restrict or object to processing;
- receive their data in a portable format; and
- withdraw consent where applicable.
Requests can be made to support@listingengine.ai
10. Data Breaches
In the event of a personal data breach, we will assess the risk and notify the relevant supervisory authority and affected individuals where required by law.
11. Complaints
If you are unhappy with how your data is handled, you may contact us or lodge a complaint with the UK Information Commissioner's Office (ICO) at https://ico.org.uk
12. Updates
We may update this document from time to time to reflect changes in law or our practices. The latest version will always be available on our website.