Privacy Policy

How we collect, use, and protect your personal data.

1. Introduction

Menlo ('we', 'us', 'our') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services. We operate in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What we collect

We collect the following personal data when you interact with our website and services:

  • Name — provided when you submit a contact or demo request form.
  • Email address — provided when you submit a contact or demo request form.
  • Company name — provided when you submit a contact or demo request form.
  • Role — optionally provided when you submit a form to help us understand your needs.
  • Form submissions — the content of messages you send us through our contact forms.

3. How we use your data

We use the personal data we collect for the following purposes:

  • Respond to enquiries — to reply to your contact form submissions, demo requests, and partnership enquiries.
  • Improve our service — to understand how our website and tools are used, and to make improvements.
  • Legal obligations — to comply with applicable laws, regulations, and legal processes.

4. Data storage

All personal data is encrypted in transit and at rest. Our infrastructure is hosted on Amazon Web Services (AWS) in the eu-west-1 (Ireland) region, ensuring your data remains within the European Economic Area. We implement industry-standard security measures including encryption, access controls, and regular security audits to protect your information.

5. Third parties

We do not sell, trade, or rent your personal data to third parties.

As part of our service, we use large language model (LLM) providers to process technical metadata from your connected repositories. This metadata is anonymised before processing — no personally identifiable information is shared with LLM providers. We carefully vet all third-party processors to ensure they meet our data protection standards.

6. Your rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can request that we correct any inaccurate or incomplete personal data.
  • Right to erasure — you can request that we delete your personal data where there is no compelling reason for us to continue processing it.
  • Right to data portability — you can request a copy of your personal data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us at privacy@menlo.sonictrio.com. We will respond to your request within 30 days.

7. Cookies

We use minimal cookies to ensure our website functions correctly. We do not use tracking cookies or third-party advertising cookies. Analytics cookies are only set with your explicit consent. You can manage your cookie preferences at any time through your browser settings.

8. Contact

If you have any questions about this Privacy Policy or how we handle your personal data, please contact our Data Protection team at privacy@menlo.sonictrio.com.

9. Updates to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the updated policy on this page with a revised 'last updated' date.

Last updated: March 2026