Privacy Policy

Last updated: 29 April 2026

This Privacy Policy describes how TYR Technology (“TYR”, “we”, “us”, or “our”) collects, uses, stores, and shares information when you visit our website at tyr.ai (the “Site”) or otherwise interact with us online. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR) where applicable, and related privacy laws including the UK Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR) / EU ePrivacy rules where relevant to cookies and similar technologies.

1. Data controller

The data controller responsible for your personal data is TYR Technology, in connection with Oxford University Innovation and related project activities as described on the Site. For privacy enquiries, contact us at contact@tyr.ai.

2. Information we collect

Depending on how you use the Site, we may process:

• Technical and usage data: such as IP address, browser type and version, device type, operating system, referral source, pages viewed, and approximate location derived from IP (typically at country or region level).
• Communications: if you email us, we process your email address, message content, and metadata needed to respond.
• Information you choose to provide: any other personal data you submit through forms or correspondence.

3. Cookies and similar technologies

We use cookies and similar technologies on the Site. Some cookies are strictly necessary for the Site to function (for example, security, load balancing, or language preferences). Where required by law, we will ask for your consent before using non-essential cookies, such as analytics cookies. You can change your choices at any time via the cookie controls presented on the Site (where available) and through your browser settings.

4. Purposes and legal bases

We use personal data for the following purposes and on the following legal bases:

• To operate and secure the Site — legitimate interests (ensuring availability, integrity, and security) and, where strictly necessary cookies are involved, legal obligations or your requested service (Article 6(1)(b) or (f) GDPR as applicable).
• To understand how the Site is used (analytics) — only where you have given consent (Article 6(1)(a) GDPR) or another valid basis applies.
• To respond to enquiries — legitimate interests and/or performance of steps at your request prior to a contract (Article 6(1)(b) GDPR).
• Compliance and legal claims — legal obligation or legitimate interests (Article 6(1)(c) or (f) GDPR).

5. Retention

We retain personal data only for as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law. Technical logs may be retained for shorter periods for security and troubleshooting unless a longer period is justified.

6. Sharing and processors

We may share personal data with trusted service providers who process data on our behalf (for example, hosting or analytics providers), subject to appropriate contracts and safeguards. We may also disclose information if required by law or to protect our rights, users, or the public.

7. International transfers

If personal data is transferred outside the UK or EEA, we will ensure appropriate safeguards are in place where required by law (for example, the UK IDTA / EU Standard Contractual Clauses or adequacy decisions).

8. Your rights

Depending on your location, you may have the right to access, rectify, erase, restrict, or object to certain processing of your personal data, and the right to data portability where applicable. Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal. You may also have the right to lodge a complaint with a supervisory authority (in the UK, the Information Commissioner’s Office).

9. Security

We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction.

10. Children

The Site is not directed at children under 16, and we do not knowingly collect personal data from children. If you believe we have collected such data, please contact us and we will take steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top will be revised when we make material changes. We encourage you to review this page periodically.

12. Contact

For questions about this Privacy Policy or our processing of personal data, contact contact@tyr.ai.

This document is provided for general information and does not constitute legal advice. You may wish to have your own legal counsel review this policy for your specific circumstances.