Back to Home

Privacy Policy

Last updated: 19 May 2026

BloodstockIQ ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use it, and your rights under GDPR.

1. Data Controller

Leinster IT Services Ltd

Email: support@bloodstockiq.com

Location: Ireland

2. Data We Collect

We collect the following personal data:

Account Data

  • Name
  • Email address
  • Password (hashed, never stored in plain text)

Subscription & Billing Data

  • Stripe customer ID
  • Payment method (stored by Stripe)
  • Billing history and invoices

We do not store card details — Stripe handles all PCI-compliant processing.

Uploaded Content

  • Pedigree files (PDF/JPG/PNG)
  • Extracted names (sire, dam, horse name)

Technical & Usage Data

  • IP address
  • Browser/device information
  • Search filters
  • Saved searches
  • AI query interactions
  • Log data for debugging and security

Waitlist Data Collection

We collect your email address solely to provide updates regarding the launch of BloodstockIQ 2.0. This data is stored securely and will never be sold to third parties.

3. How We Use Your Data

We use your information to:

  • Provide access to platform features
  • Generate AI analyses and valuations
  • Improve model accuracy
  • Prevent fraud and abuse
  • Maintain subscription billing
  • Provide customer support

Your prompts and text inputs are processed by third-party AI services (OpenAI or Relevance AI) for generation but not used to train their models.

4. AI Processing

When you use BloodstockIQ's AI tools, your queries may be sent to:

  • OpenAI (chat/analysis models)
  • Relevance AI (AI agent platform, which may use Google Cloud Vision for image processing)

We restrict data processing with privacy-preserving settings whenever available. The specific AI service used may vary based on our platform configuration.

AI Processing Disclosure

BloodstockIQ utilizes Large Language Models (LLMs) and proprietary algorithms to analyze public pedigree and sales data. No personally identifiable information (PII) is used to train these models.

5. Legal Bases (GDPR)

We process your data under:

  • Contract: to deliver the service you subscribed to
  • Legitimate interest: to improve security, analytics, and performance
  • Consent: where required for cookies or marketing
  • Legal obligations: accounting, invoicing, audit logs

6. Data Sharing

We share minimal data with:

  • Stripe (billing)
  • OpenAI (AI processing)
  • Relevance AI (AI processing and agent orchestration)
  • Google Cloud Vision (via Relevance AI, for optical character recognition)
  • Supabase (hosting & database)

We never sell or rent your personal data.

7. The 'Cyber' Promise

As a platform led by cybersecurity professionals, we implement industry-standard encryption and access controls to protect the integrity of our bloodstock datasets.

8. International Transfers

Some processing occurs outside the EU (e.g., OpenAI in the US). We rely on:

  • Standard Contractual Clauses (SCCs),
  • Adequate safeguards,
  • GDPR-compliant processors.

9. Data Retention

  • Account data: retained while your account is active
  • Billing records: kept for 6 years (legal requirement)
  • Uploaded documents: deleted when your account is deleted or on request
  • Logs: 30–180 days depending on type

You may request deletion at any time.

10. Your Rights (GDPR)

You have the right to:

  • Access your data
  • Correct inaccuracies
  • Delete your data ("right to be forgotten")
  • Export your data
  • Restrict processing
  • Object to certain processing
  • Withdraw consent

To exercise rights: support@bloodstockiq.com

11. Contact

If you have a privacy question:
support@bloodstockiq.com