Mindware AI LTD Data Privacy Policy
Effective Date: 2nd July 2024
1. Introduction
Welcome to the Mindware AI data privacy policy. We value your privacy and are committed to protecting your data. This data privacy policy explains how we collect, use, share, and protect the personal information of our business partners, clients, and other third parties in compliance with the UK Data Protection Act 2018 and the UK General Data Protection Regulation (GDPR).
2. Data Collection
2.1 Information We Collect
We may require the following types of data from your organisation:
- Contact details: Name, email address, phone number and postal address
- Business information: Company name, job titles and industry. Private company documents such as HR policies or contract details
- Transactional information: Details about products and services you have. Details about spending habits or behaviours of your customers. Historic revenue figures
- Technical information: IP address, browser type and operating system. Employee behaviour and performance statistics
- Images or live video: Product, manufacturing line and faulty products. Employee and customer feeds from security or monitoring equipment
However, each project will have different data demands. We may require types of data not specified in this section. All data required will be communicated and agreed upon before collection and use.
2.2 How We Collect Information
We collect your organisations data in the following ways:
- Direct interaction: You may provide data by corresponding with us by phone, email or otherwise
- Allowed Access: You may wish to give us access to your data through your own secure systems
3. Use of Data
3.1 Purposes of Data Processing
We use your data for the following purposes:
- To train AI models on data collected, ensuring compliance with relevant regulations and privacy policies
- To communicate with you, including responding to inquiries and sending administrative information
- To personalise your experience with our service
- To improve our website, products and services
- For marketing purposes, with your consent
3.2 Legal Basis for Processing
Our legal basis for processing your data includes:
- Performance of a contract: To fulfil our obligations under any contract with you
- Legitimate interests: To manage our business, improve our services and provide you with effective custom-made AI solutions
- Consent: When you have given us explicit consent to process your data for specific purposes
- Compliance with legal obligations: To comply with regulatory and legal requirements
4. Data Sharing
4.1 Third-Party Service Providers
We may share your data with third-party service providers such as:
- Modern AI API services such as OpenAI's ChatGPT or Midjourney
- IT and system administration services
- Marketing and advertising services
- Payment processing services
Any third-party involvement that includes fine-tuning pretrained models, running data through an AI API or using third party processing services will be clearly communicated before the project begins.
4.2 Legal Requirements
We may disclose your data if required to do so by law or in response to valid requests by public authorities.
4.3 Client Privacy Policies
Wherever sensible and appropriate, we will use and comply with our clients' privacy policies when processing data on their behalf. This includes adhering to their specified data handling, storage, and sharing practices.
5. Data Security
We implement appropriate technical and organizational measures to protect your data from unauthorized access, use, or disclosure. These measures include:
- Secure server and network infrastructure
- Encryption of data in transit and at rest
- Regular security assessments and audits
6. Data Retention
We retain data only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Once our contract obligations have been met, all data related to that project will no longer be retained unless specified in the contract.
We will conduct regular data reviews to ensure we do not retain any data for longer than necessary.
7. Your Rights
Under the UK GDPR, you have the following rights regarding your data:
- Access: You can request access to your data
- Correction: You can request the correction of data
- Deletion: You can request the deletion of your data
- Objection: You can object to the processing of your data
- Data Portability: You can request the transfer of your data to another party
- Restriction of Processing: You can request that we limit the processing of your data
- Withdrawal of Consent: You can withdraw consent at any time, where relevant
To exercise any of these rights, please contact us as soon as possible.
You also have the right to file a complaint with the Information Commissioner's Office.
8. Training AI Models
We may use the data collected to train AI models. This process will be conducted in compliance with relevant data protection regulations and will respect the privacy policies of our clients where applicable.
9. Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date and clients will be notified.
10. Contact Details
If you have any questions about this privacy policy or our data practices, please contact us at:
Mindware AI LTD
info@mindwareai.co.uk
For complaints to the Information Commissioner's Office
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113