Privacy Policy
Effective date: 5 February 2026
Business name: IP automation
Business type: Sole trader
Business address: CR0 8LP, 70 Border Gardens, United Kingdom
Email: [email protected]
Website: [Website URL – add when live]
This Privacy Policy explains how IP automation (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you visit our website, contact us, or interact with AI systems we operate.
It is intended to meet transparency requirements under the UK GDPR and the Data Protection Act 2018.
1) Who we are
We are the “controller” for personal data we collect and use for our own business purposes (for example, our website enquiries, sales, marketing, and client management).
In some cases, when we provide services to a client and process data within the client’s systems, we may act as a “processor” on the client’s instructions.
2) What we do (AI agency)
We provide AI chatbots for lead generation, AI-powered automations, CRM integrations, and voice agents.
Our systems may interact with leads via channels such as SMS and WhatsApp, and may qualify leads automatically to help route conversations efficiently.
3) Personal data we collect
We may collect and process the following types of personal data (depending on how you interact with us):
Contact and identity data: name, email address, phone number, business name, and any information you choose to provide.
Communication data: messages and content you send to us (including via forms, email, SMS, WhatsApp, or chat), and records of communications with our AI systems.
Appointment and lead data: availability, booking details, lead status (e.g., qualified/unqualified), and notes created during the sales process.
Technical data: IP address, device and browser information, and website usage data (where applicable).
Client/customer data: details needed to deliver our services (e.g., onboarding information, CRM configuration details, and support communications).
Sensitive data: You told us you do not intend to collect special category (sensitive) data.
Please do not send sensitive information (for example, health information) to us or through our AI systems.
4) How we collect data
We collect personal data in the following ways:
When you contact us directly (e.g., email or web form).
When you communicate with our AI systems (e.g., SMS/WhatsApp/chat/voice).
When our clients provide data to us as part of delivering services (e.g., data stored in their CRM).
5) How we use your data
We use personal data for purposes including:
Providing and operating our services (chatbots, automations, CRM/voice agent functionality).
Responding to enquiries and providing customer support.
Lead management, qualification, and scheduling.
Sending service messages (e.g., confirmations, updates).
Marketing and business development (where permitted).
Security, fraud prevention, and service improvement.
Legal, accounting, and compliance obligations.
6) Lawful bases (UK GDPR)
UK GDPR requires us to have a lawful basis for each use of personal data.
Depending on the context, we rely on one or more of the following:
Contract: where processing is needed to provide services or take steps before entering a contract.
Legitimate interests: where we have a genuine business reason (e.g., responding to enquiries, improving services, preventing fraud) and it is not overridden by your rights.
Consent: where required, especially for certain types of direct marketing and some cookies/online tracking (when implemented).
Legal obligation: where we must process data to comply with law (e.g., record-keeping).
Direct marketing note: The ICO explains that consent and legitimate interests are commonly used lawful bases for direct marketing, and PECR can require consent for certain electronic marketing.
7) Marketing preferences
If you receive marketing from us, you can opt out at any time by using the unsubscribe/opt-out method in the message or by emailing [email protected].
Opting out will not stop service or administrative messages where those are necessary (for example, responding to a request you made).
8) Cookies and similar technologies
At the moment, you told us you do not have a cookie tool in place.
When our website is live, we may use cookies and similar technologies for functionality, analytics, and marketing, and we will provide a cookie notice/banner if required.
9) AI, model training, and conversation logs
AI communications: Our AI may communicate with you (for example by SMS/WhatsApp) as part of lead engagement and qualification.
Conversation storage: You told us conversation data may be stored in GoHighLevel and kept until the relevant account is deleted (unless we need to keep it longer for legal reasons).
Training data: You told us we may use some data to improve our AI systems/workflows, and that an opt-out is available; if you want to opt out, email [email protected].
10) Automated decision-making (lead qualification)
Our systems may use automated rules to mark a lead as “unqualified” or to stop outreach where a lead is not a fit or is not interested.
You told us this is used to stop outreach or mark status, and is not intended to produce legal or similarly significant effects on individuals.
If you believe an automated outcome is incorrect, you can contact us at [email protected] to request a review.
11) Who we share data with
We may share personal data with service providers that help us deliver our services and run our business, including:
GoHighLevel (CRM, conversation storage, workflow management).
Twilio (communications delivery such as SMS/WhatsApp, where enabled).
AI providers such as OpenAI, Google, and Grok (to support AI features and outputs).
We share data only as needed for the purposes described in this policy and expect suppliers to protect it.
12) International data transfers
We are UK-based, but some suppliers may process or store data outside the UK depending on their infrastructure.
Where UK law treats this as a restricted transfer, we will use appropriate safeguards designed for UK transfers (for example, the UK IDTA and/or the UK Addendum) where required.
13) How long we keep your data
We keep personal data only as long as needed for the purposes in this policy, including legal, accounting, or reporting requirements.
Where you interact with our AI systems via platforms like GoHighLevel, data is generally retained until account deletion (unless a longer period is required by law or needed for disputes).
14) Security
We use appropriate technical and organisational measures to protect personal data, including encryption.
No method of transmission or storage is completely secure, but we take steps to reduce risk and protect your information.
15) Your rights (UK)
Under UK GDPR, you may have rights including: access, rectification, erasure, restriction, objection, and data portability.
Where we rely on consent, you also have the right to withdraw consent at any time.
To exercise your rights, contact us at: [email protected].
You also have the right to complain to the UK Information Commissioner’s Office (ICO).
16) Children
Our services are not intended for children, and we do not knowingly collect personal data from children.
17) Changes to this Privacy Policy
We may update this Privacy Policy from time to time.
When we update it, we will change the effective date at the top.