top of page

Security & Privacy Policy

2. Privacy Policy (UK GDPR)

This Privacy Policy explains how we collect, use, store, and share personal data when you use our Website, contact us, or request a demo. It is intended to comply with the UK GDPR and the Data Protection Act 2018.

2.1 Roles

For Website enquiries we act as a data controller. If you become a customer, we may additionally act as a data processor when processing end-customer call, SMS, booking, and photo data on your behalf.

2.2 Data we collect

  • Contact data: name, email, phone number, company name, role.

  • Enquiry data: your message, service interest, and any information you choose to provide.

  • Technical data: IP address, device/browser information, approximate location, and usage analytics (where enabled).

  • Marketing preferences: your opt-in/opt-out status.

2.3 Lawful bases

We process personal data under one or more of the following lawful bases: consent (e.g., marketing), contract (e.g., responding to a request for services), legitimate interests (e.g., running and improving our Website), and legal obligation (e.g., accounting/tax).

2.4 How we use your data

  • to respond to enquiries and provide demos;

  • to provide and improve our services and Website;

  • to manage our relationship with you and administer accounts;

  • to send service notices and important updates;

  • to send marketing communications where you have consented or where permitted by law (you can opt out at any time).

2.5 Sharing and sub-processors

We may share personal data with trusted service providers who help us operate our Website and deliver services. Depending on your configuration, these may include cloud hosting and development platforms, communications providers, and AI service providers (for example: Twilio, Vapi, OpenAI, Google Gemini, Replit). We only share data to the extent necessary and expect appropriate contractual safeguards.

2.6 International transfers

Some providers may process data outside the UK. Where data is transferred internationally, we will use appropriate safeguards, such as UK International Data Transfer Agreements or other lawful transfer mechanisms, where required.

2.7 Data retention

We keep personal data only as long as needed for the purposes described above, including to meet legal, accounting, and reporting requirements. We may retain enquiry data for a reasonable period to follow up on your request, unless you ask us to delete it earlier.

2.8 Security

We use appropriate technical and organisational measures designed to protect personal data, including access controls, least-privilege practices, and monitoring. No method of transmission or storage is 100% secure; however we work to reduce risk and respond promptly to incidents.

2.9 Your rights

Under UK GDPR you may have rights including: access, rectification, erasure, restriction, portability, objection, and the right to withdraw consent. To exercise rights, contact us using the details above. You also have the right to complain to the UK Information Commissioner’s Office (ICO).

2.10 Marketing

We may send marketing messages by email or SMS where you have consented or where permitted by law. You can opt out at any time using the unsubscribe link or by contacting us. For SMS, you can also reply STOP where applicable.

bottom of page