Privacy Policy
Last Updated: 9 November 2025
1. Introduction
Welcome to FlowEdgeAI Ltd ("we," "us," "our"). We are an AI automation and digital solutions agency registered in the United Kingdom. We are committed to protecting and respecting your privacy. This policy explains how we collect, use, process, and safeguard your personal data in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).
This policy applies to data collected through our website (flowedgeai.com), contact forms, client onboarding processes, service delivery, and in the course of our business operations.
2. Who We Are
Company Name: FlowEdgeAI Ltd
Jurisdiction: Registered in England & Wales.
Contact for Data Protection: privacy@flowedgeai.com
Business Address: [Your Company Address, Aylesbury, United Kingdom]
For the purpose of UK data protection law, we are the data controller.
3. The Data We Collect About You
We collect and process various types of personal data to provide and improve our services. The categories of data we collect include:
- Identity & Contact Data: Includes your full name, email address, phone number, job title, and company name. We collect this when you fill out a form, book a consultation, or communicate with us.
- Business & Project Data: Information you provide during project briefs, consultations, and service delivery, such as business goals, operational details, system requirements, and project files.
- Financial Data: Payment details, billing addresses, and transaction history. This data is processed securely by our payment processors (e.g., Stripe, PayPal) and we do not store full card details.
- Technical Data: Includes your Internet Protocol (IP) address, browser type and version, device information, time zone setting, operating system, and log data.
- Usage Data: Information about how you use our website, products, and services, such as pages visited, time spent, and features used.
- Communications Data: Records of your correspondence with us, including emails, form submissions, and messages.
- AI-Processed Data: Data you provide for processing within our AI solutions, such as text for analysis, documents for data extraction, or inputs for automated workflows.
4. How We Use Your Data & Our Legal Basis
We only use your personal data when the law allows us to. Our legal bases for processing are:
- Performance of a Contract: To fulfil our contractual obligations to you, such as delivering a project, providing support, or processing payments.
- Legitimate Interests: For our legitimate business interests, such as improving our services, security monitoring, and managing our client relationships, provided your rights do not override these interests.
- Consent: Where you have given us explicit consent, for example, to send you marketing communications or use non-essential cookies. You can withdraw consent at any time.
- Legal Obligation: To comply with our legal and regulatory obligations, such as for tax and accounting purposes.
5. Third-Party Data Processors
We use trusted third-party service providers to help us deliver our services. These processors are bound by strict data protection obligations. Our key processors include:
- Cloud & Hosting: Google Cloud, Firebase, and Webflow for application hosting, databases, and website infrastructure.
- Payment Processing: Stripe and PayPal for secure payment processing.
- Communication & CRM: Google Workspace, Resend for transactional emails, Calendly for bookings, and Notion for internal project and client management.
- Development & AI Tools: Replit and other platforms used in the development and delivery of AI services.
We do not sell your personal data to any third parties.
6. AI-Specific Data Processing
Our services involve the use of AI. We are committed to processing data responsibly:
- Data in AI Workflows: When you provide data for an AI agent or automation workflow, it is processed solely for the purpose of delivering that service. It is not used for training public AI models.
- Confidentiality: Inputs you provide to our AI systems are treated as confidential. We use enterprise-grade AI services with strict data privacy commitments.
- Output Accuracy: AI-generated outputs can sometimes be inaccurate or incomplete ("hallucinations"). You are responsible for reviewing and verifying all AI-generated content before use.
- Automated Decisions: We do not use your personal data for making fully automated decisions that have a legal or similarly significant effect on you without human oversight.
7. International Data Transfers
Some of our third-party processors are based outside the UK. When we transfer your personal data internationally, we ensure a similar degree of protection is afforded to it by implementing safeguards recognised under UK GDPR, such as Standard Contractual Clauses (SCCs) or ensuring the recipient country is deemed to provide an adequate level of data protection.
8. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including for legal, accounting, or reporting requirements. Our retention periods are:
| Data Type | Retention Period |
|---|---|
| Client Project & Communication Data | 6 years after project completion |
| Billing & Financial Records | 6 years for tax purposes |
| Website Enquiries | 2 years after last contact |
| Analytics Data (Anonymised) | 26 months |
9. Your Legal Rights
Under UK data protection law, you have rights including:
- Right of Access: To request a copy of your personal data.
- Right to Rectification: To request correction of inaccurate data.
- Right to Erasure: To request that we delete your data.
- Right to Restrict Processing: To request that we suspend processing.
- Right to Data Portability: To request transfer of your data.
- Right to Object: To object to processing based on our legitimate interests.
- Right to Withdraw Consent: To withdraw consent at any time where we rely on it.
To exercise any of these rights, please contact us at privacy@flowedgeai.com.
10. Security
We have implemented appropriate security measures, including encryption, access controls, and regular security reviews, to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way.
11. Children's Data
Our services are not intended for children, and we do not knowingly collect data relating to children. If you believe we have inadvertently collected such data, please contact us to request its deletion.
12. Complaints
If you have any concerns about our use of your personal information, you can make a complaint to us at privacy@flowedgeai.com. You also have the right to complain to the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection issues. Their contact details are:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Website: ico.org.uk.