Privacy & Cookie Policy

Last updated: 13 April 2026

1. Who We Are

ColoGPU ("we", "us", "our") is a GPU colocation brokerage service. We match AI companies with verified, high-density colocation providers. Our website is cologpu.com. For any privacy-related queries, contact us at neil@cologpu.com.

2. What Data We Collect

We collect only the data necessary to provide our services:

• Audit tool submissions: Email address, company name, and the cloud billing file you upload. Your billing file is processed by our AI analysis tool and is not stored after analysis is complete.
• Contact form / email: Name, email address, company name, and the content of your message.
• Cookieless website analytics: We use Ahrefs Web Analytics to measure aggregate traffic (pageviews, referral source, country, device type). This is cookieless, does not set persistent identifiers, does not fingerprint, and does not track you across other websites. IPs are anonymised. Runs under legitimate interest and does not require consent.
• Visitor identification (consent-only): If you consent via our cookie banner, we also use Apollo.io to identify the business associated with your visit (via IP address and device signals matched against Apollo's B2B database). This is how we understand which companies are interested in ColoGPU. You can decline by choosing "Essential Only".

3. How We Use Your Data

• To deliver your infrastructure audit report via email
• To respond to enquiries and provide our brokerage service
• To send relevant follow-up communications about our services (you can opt out at any time)
• To improve our website and services through anonymised analytics (with your consent)

4. Legal Basis for Processing (GDPR)

Under the UK GDPR and EU GDPR, we process your data on the following bases:

• Consent: For analytics cookies and marketing communications. You can withdraw consent at any time.
• Legitimate interest: For processing audit submissions and responding to enquiries, where you have actively provided your information to receive our services.
• Contract: Where processing is necessary to deliver services you have requested.

5. Cookies

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. We use them sparingly and with your consent where required.

Essential Cookies

These are strictly necessary for the website to function. They do not require consent under GDPR. Currently, we do not set any essential cookies -- our site operates without them.

Analytics and Marketing Cookies

With your consent, we use Apollo.io's website visitor tracker to help us understand which businesses visit our site. These cookies:

• Identify the company associated with your visit, using your IP address and device signals matched against Apollo's B2B contact database
• Record which pages you visit, your referral source, and basic device information
• May be set by Apollo across any site that uses their tracker
• Are only loaded after you give consent via our cookie banner — choose "Essential Only" to decline

Lawful basis: consent (UK GDPR Art. 6(1)(a)). You can withdraw consent at any time by clearing your browser's local storage for cologpu.com.

Managing Your Preferences

When you first visit our site, you will see a cookie consent banner where you can choose to accept all cookies or only essential cookies. To change your preference later, clear your browser's local storage for cologpu.com, and the banner will reappear on your next visit.

6. Third-Party Services

We use the following third-party services that may process data on our behalf:

• Cloudflare: Website hosting, DNS, and security. Cloudflare may process IP addresses for security purposes. Cloudflare Privacy Policy
• Anthropic (Claude): AI-powered analysis of enquiries and billing data. Data is processed via API and not retained by Anthropic beyond the request. Anthropic Privacy Policy
• Twilio SendGrid: Transactional email delivery for audit reports, confirmations, and correspondence. Twilio Privacy Policy
• Twilio (Voice & WhatsApp): Inbound calls and WhatsApp messages for customer service. Calls may be recorded and transcribed. Twilio Privacy Policy
• HubSpot: Customer relationship management (CRM). Stores contact details, correspondence, and deal information for business purposes. HubSpot Privacy Policy
• Ahrefs Web Analytics: Cookieless website analytics. No persistent identifiers, no fingerprinting, no cross-site tracking, anonymised IPs. Runs on every page. Ahrefs Privacy Policy
• Apollo.io (consent-gated): Website visitor identification. Only active if you accept analytics and marketing cookies. Matches visiting IP addresses to business records in Apollo's B2B database. Apollo Privacy Policy
• Google Fonts: Web fonts loaded from Google servers. Google Privacy Policy

7. Data Retention

• Uploaded billing files: Processed in real-time and not stored. Files are held in memory only during analysis.
• Email addresses and contact details: Retained for as long as necessary to provide our services, or until you request deletion.
• Analytics data: Anonymised and aggregated. No personal data is retained.

8. Your Rights

Under the UK GDPR and EU GDPR, you have the right to:

• Access the personal data we hold about you
• Rectify inaccurate personal data
• Erase your personal data ("right to be forgotten")
• Restrict processing of your personal data
• Data portability -- receive your data in a structured, machine-readable format
• Object to processing based on legitimate interest
• Withdraw consent at any time for consent-based processing

To exercise any of these rights, email us at neil@cologpu.com. We will respond within 30 days.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data, including:

• HTTPS encryption on all pages
• Security headers (HSTS, CSP, X-Frame-Options)
• Rate limiting on API endpoints
• Input sanitisation to prevent injection attacks
• No unnecessary data storage

10. International Transfers

Some of our third-party service providers (Anthropic, Cloudflare) may process data outside the UK/EEA. Where this occurs, appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions.

11. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this policy from time to time. The "last updated" date at the top of this page will reflect the most recent version. We encourage you to review this page periodically.

13. Contact

For any questions about this privacy policy or your personal data, contact us at:

Email: neil@cologpu.com