Legal

Privacy Policy

Last updated: 2 July 2026

This Privacy Policy explains how AEA Solutions Ltd ("AEA Solutions", "we", "us", "our") collects, uses, and protects your information across all of our products and services, including:

AEA Solutions Ltd is a company registered in England and Wales (registered office: 7 Woodvale Grove, Bolton, England, BL3 3HQ) and is the data controller responsible for your personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Because our products work very differently, this policy has a short set of general terms that apply to everything, followed by a product-specific section for each product. If a product-specific section conflicts with the general terms, the product-specific section applies to that product.


1. Summary

RabbleBluntly
Accounts requiredNoYes (optional free tier and paid subscription)
Personal data collectedNone directly; anonymised purchase data via RevenueCatAccount, profile/CV and usage data
Data leaves your deviceOnly anonymised purchase dataYes — to our backend and AI service providers
Analytics / advertising trackersNoNo advertising trackers; see Section 3.4
Data sold to third partiesNeverNever

2. Rabble

Rabble's gameplay runs entirely on your device. We do not collect your name, email, or any information that identifies you through Rabble. The only data that leaves your device relates to purchases, described below.

Purchases. Rabble offers optional paid content (a one-time purchase and an auto-renewing subscription). All payments are processed by Apple through the App Store (and, on Android, will be processed by Google through Google Play). We do not receive or store your payment card details.

We use RevenueCat to manage in-app purchases and subscription status. When you make a purchase, RevenueCat processes a randomly generated, anonymous app user ID and your purchase history (transaction receipts, product identifiers, subscription status) on our behalf. This identifier is not linked to your name, email, or any other information that identifies you, and it is not used for tracking or advertising. RevenueCat processes this data as our processor under its data processing terms; see RevenueCat's privacy policy for details.

Mature content. Rabble contains some content intended for adult players, hidden behind an optional toggle that is off by default. Because we collect no identifying personal data through Rabble, we do not knowingly collect information from anyone, including children.

3. Bluntly

Bluntly is a Chrome extension that helps you with your job search. To provide this service, Bluntly collects and processes the following data.

3.1 Information we collect

3.2 How we use your information

We use this data to: create and manage your account; provide the extension's features (including generating tailored job-search content); process payments and manage subscriptions; provide support; maintain security and prevent abuse; and comply with legal obligations.

We do not sell your personal data. We do not use your data for advertising. We do not use your data to determine creditworthiness or for lending purposes.

3.3 AI processing

Some Bluntly features are powered by one or more third-party AI service providers. These may include providers such as Anthropic, OpenAI, and Google, among others, and the providers we use may change from time to time as we improve the service. When you use these features, the relevant content (for example, a job description and the parts of your profile needed for the task) is sent to the provider to generate a response, and the response is returned to you. We access these providers through their business/API services and select providers whose terms do not permit your content to be used to train their models.

3.4 Storage and analytics

Your account and profile data is stored on our backend infrastructure provided by Supabase, hosted in secure cloud data centres which may be located in the UK, the EU, or the United States (see Section 5 on international transfers). We do not use third-party advertising or cross-site tracking technologies. We may use privacy-respecting, first-party usage measurement to understand how features are used.

3.5 How long we keep your data

We keep your account and profile data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we must retain limited records to comply with legal obligations (e.g. billing records, which are retained for six years under UK tax law). You can delete your account at any time from within the extension or by emailing us.


4. Third parties we work with

We share personal data only with service providers who process it on our behalf, under contract, and only as needed to run our products:

We may replace any service provider with an equivalent provider from time to time; replacements will be bound by equivalent contractual protections, and we will update this policy where the change is material.

We may also create and use aggregated or anonymised data (data that can no longer identify you) for any lawful purpose, including improving our products, analytics, and business reporting. Such data is not personal data under UK GDPR.

We may also disclose data if required by law, or in connection with a merger, acquisition, or sale of assets (in which case this policy will continue to apply to your data, and we will notify you of any change of controller).

5. International transfers

Some of our service providers are located outside the UK (for example, in the United States). Where personal data is transferred internationally, we rely on safeguards recognised under UK GDPR, such as the UK International Data Transfer Agreement / Addendum or an adequacy decision.

6. Legal bases (UK GDPR)

We process personal data on the following bases: performance of a contract (providing the product you signed up for); legitimate interests (securing and improving our services); legal obligation (e.g. tax and accounting records); and consent, where we ask for it, which you can withdraw at any time.

7. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, hashed credentials, and access controls. No system is perfectly secure, but we take reasonable steps to protect your information and will notify you and the ICO of any breach where required by law.

8. Your rights

Under UK GDPR you have the right to: access your personal data; correct it; delete it; restrict or object to processing; data portability; and withdraw consent. To exercise any right, contact us at the details below — we will respond within one month. Note that Rabble stores no identifying personal data; the anonymous purchase identifier used by RevenueCat cannot be linked back to you by us, so in most cases there is nothing for us to access, correct, or delete for Rabble.

You also have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk.

9. Children

Our products are not directed at children under 13, and we do not knowingly collect personal data from children. Rabble's optional mature content is off by default and the app is age-rated accordingly on the App Store. If you believe a child has provided us personal data through Bluntly, contact us and we will delete it.

10. Changes to this policy

We may update this policy from time to time, for example when we launch new products or features. We will update the "Last updated" date above and, for material changes, provide a more prominent notice (for example, in-product or by email for Bluntly account holders).

11. Contact us

AEA Solutions Ltd
7 Woodvale Grove, Bolton, England, BL3 3HQ
Email: aeasolutionsltd@gmail.com