Privacy Policy

We collect information necessary to provide our services and operate our business. This includes:

Information You Provide Directly

• Business and Contact Information: When you inquire about our services, you may provide your name, email address, phone number, company name, and job title.
• Client Data: In the course of providing our AI consulting and development services, you may provide us with access to your proprietary data ("Client Data"). The handling of Client Data is governed by our Terms of Service and any applicable Data Processing Agreement (DPA).

Information We Collect Automatically

When you visit our website, we automatically collect certain technical information:

• Log and Usage Data: Your IP address, browser type, operating system, referral source, pages visited, and the dates/times of your visit.
• Cookies and Similar Technologies: We use cookies for analytics and to ensure website functionality. See our section on Cookies for more details.

We process your personal data on the following lawful bases under UK GDPR:

• Contract: To enter into and perform our service contract with you. This includes responding to inquiries, providing our AI services, and managing our client relationship.
• Legitimate Interests: For purposes that are in our legitimate business interests, such as:
  • Operating, improving, and securing our website and services.
  • Analyzing website usage to enhance user experience and for marketing strategy.
  • Communicating with you about our services and industry insights.
  • Preventing fraud and ensuring legal and contractual compliance.
• Consent: Where required by law, we will ask for your consent before processing your data, for example, for certain marketing communications. You may withdraw your consent at any time.

We use cookies and similar technologies to operate our website and for analytics. A cookie is a small text file stored on your device. We use them to understand user activity and improve our services.

We use essential cookies for website functionality and non-essential cookies for analytics (e.g., Google Analytics, PostHog) to understand traffic and user behavior. We will request your consent for non-essential cookies as required by law. You can manage your cookie preferences through your browser settings.

We do not sell your personal data. We may share your information with the following categories of third parties:

• Service Providers (Sub-processors): Companies that provide services on our behalf, such as cloud hosting (e.g., Vercel, AWS), CRM systems, and analytics providers. We have data processing agreements in place with these providers.
• Professional Advisors: Our lawyers, accountants, and insurers, where necessary.
• Legal and Regulatory Bodies: If required by law, we may disclose your information to comply with a legal obligation, protect our rights, or prevent fraud.
• In a Business Transfer: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the new entity.

We have implemented robust technical and organizational measures to protect the security of your personal information. This includes encryption, access controls, and secure development practices.

However, no method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

As a global business, we may transfer your data outside the United Kingdom (UK). Where we transfer data to countries not deemed to have adequate data protection laws (such as the United States), we will ensure that appropriate safeguards are in place. This includes using the UK's International Data Transfer Agreement (IDTA) or other approved legal mechanisms.

Under UK GDPR, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of the data we hold about you.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure ('Right to be Forgotten'): You can ask us to delete your data in certain circumstances.
• Right to Restrict Processing: You can ask us to limit the processing of your data.
• Right to Data Portability: You can request your data in a structured, machine-readable format.
• Right to Object: You can object to our processing of your data for direct marketing or on the basis of legitimate interests.

To exercise any of these rights, please contact us at privacy@started.ltd. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. For Client Data provided for our services, retention periods are defined in our client agreements.