Privacy Policy

1. About This Privacy Policy

This privacy policy explains how Resultsense Limited ("we", "our", "us") collects, uses, and protects your personal information when you interact with our website and services.

Regulatory Compliance: This policy complies with:

• • UK General Data Protection Regulation (UK GDPR)
• • Data Protection Act 2018
• • Privacy and Electronic Communications Regulations 2003 (PECR)
• • Equality Act 2010 (accessibility requirements)

2. Information We Collect

2.1 Contact Form Data

When you contact us through our website form, we collect:

• • Full name - to address you personally in our response
• • Email address - to send our reply
• • Phone number (optional) - for follow-up calls if you prefer
• • Your message - to understand your enquiry and provide relevant assistance

2.2 Website Usage Data

Currently, we operate a privacy-first website that does not use cookies or tracking technologies. The only data automatically collected is:

• • Server logs: IP addresses, timestamps, pages visited, and browser information for security and technical maintenance purposes (processed by Cloudflare as our hosting provider)

2.3 Future Newsletter Data (When Available)

We plan to offer a newsletter service using double opt-in consent:

• • Email address - to deliver newsletter content
• • Subscription preferences - to personalise content
• • Consent timestamp - to maintain compliance records

2.4 Data We Don't Collect

We operate a privacy-first approach and don't collect cookies, tracking data, user accounts, payment information, or special category personal data.

3. Legal Basis for Processing

We process your personal data under the following legal bases:

3.1 Contact Enquiries

Legal Basis: Legitimate Interests (Article 6(1)(f) UK GDPR)

Our Interest: Responding to business enquiries and providing AI consulting services

Your Rights: You can object to this processing at any time

Balancing Test: We consider this processing reasonable given the voluntary nature of contact, minimal data use, and clear business necessity.

3.2 Client Services

Legal Basis: Contract Performance (Article 6(1)(b) UK GDPR)

Purpose: Delivering agreed consulting services, project management, and support

Duration: For the contract period plus 6 years (HMRC requirements)

3.3 Newsletter (Future)

Legal Basis: Consent (Article 6(1)(a) UK GDPR)

Implementation: Double opt-in process with clear withdrawal options

Your Rights: Withdraw consent at any time through unsubscribe links

3.4 Legal Obligations

Legal Basis: Legal Obligation (Article 6(1)(c) UK GDPR)

Examples:

• • Retention of business records for tax purposes (6 years)
• • Compliance with court orders or regulatory investigations
• • Anti-money laundering checks if required

4. How We Use Your Information

4.1 Primary Uses

• • Responding to enquiries: Providing information about our AI consulting services
• • Service delivery: Managing projects and client relationships
• • Business communication: Updates on projects, invoicing, and administrative matters
• • Legal compliance: Meeting statutory requirements and professional obligations

4.2 Marketing Communications (With Consent Only)

• • Newsletter delivery: Monthly AI insights and industry updates (when available)
• • Relevant service updates: Information about new services that may interest you
• • Industry insights: Sharing knowledge and expertise in AI implementation

5. Data Retention

We keep your personal information only as long as necessary:

5.1 Retention Schedule

5.2 Secure Deletion

At the end of retention periods, we securely delete electronic records and notify processors to delete data from their systems.

6. Data Sharing and Third Parties

6.1 Service Providers (Data Processors)

We carefully select processors who provide adequate guarantees for data protection:

Email Services: Resend (US-based) for enquiry responses with Standard Contractual Clauses protection.

Website Hosting: Cloudflare Inc for hosting and security with EU-US Data Privacy Framework safeguards.

Anti-Spam: hCaptcha for form protection with minimal data processing and Standard Contractual Clauses.

6.2 Professional Service Providers

We share necessary data with professional advisors (accountants, legal advisors) for regulatory compliance and business operations under legal obligation and legitimate interest bases.

7. International Data Transfers

7.1 Transfer Safeguards

When we transfer data outside the UK, we ensure adequate protection:

United States Transfers:

• • EU-US Data Privacy Framework for participating organisations
• • Standard Contractual Clauses as primary safeguard
• • Supplementary measures including encryption and access controls
• • Regular reviews of transfer arrangements and adequacy decisions

We conduct transfer impact assessments to ensure adequate protection for all international data transfers.

8. Your Data Protection Rights

8.1 Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access (Article 15)

• • Request copies of your personal data
• • Information about how we process your data
• • Details of retention periods and sharing arrangements
• • How to exercise: Email privacy@resultsense.com with identification

Right to Rectification (Article 16)

• • Correct inaccurate personal data
• • Complete incomplete personal data
• • How to exercise: Contact us with correct information and evidence

Right to Erasure (Article 17)

• • Request deletion of your personal data
• • Limitations: Legal obligations may prevent immediate deletion (e.g., tax records)
• • How to exercise: Email privacy@resultsense.com with specific deletion request

Right to Restrict Processing (Article 18)

• • Limit how we process your data while disputes are resolved
• • Circumstances: When accuracy is contested, processing is unlawful, or you object to processing

Right to Object (Article 21)

• • Object to processing based on legitimate interests
• • Absolute right: For direct marketing purposes
• • Balanced consideration: For other legitimate interests

Right to Data Portability (Article 20)

• • Receive your data in machine-readable format
• • Transfer data to another service provider
• • Applies to: Data provided with consent or for contract performance

8.2 Response Times

• • Acknowledgement: Within 72 hours
• • Full response: Within 30 days (may extend to 90 days for complex requests)
• • Free of charge unless requests are manifestly unfounded or excessive

9. Data Security Measures

We protect your personal data using appropriate technical and organisational security measures, including:

Technical Measures:

• • Encryption of data in transit and at rest
• • Multi-factor authentication for system access
• • Web Application Firewall and DDoS protection
• • Regular security updates and monitoring

Organisational Measures:

• • Staff training on data protection
• • Confidentiality agreements for all personnel
• • Documented procedures for data handling
• • Secure disposal of devices and documents

10. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• • Notify the ICO within 72 hours of discovery
• • Notify affected individuals without undue delay
• • Provide clear information about the nature of the breach
• • Explain steps taken to address the breach
• • Offer practical advice on protecting yourself

11. Cookies and Tracking Technologies

Resultsense Limited operates a completely cookie-free website with no tracking, analytics cookies, or user profiling. We use server-side analytics for basic performance monitoring without collecting personal data. Should we implement cookies in future, we will provide prior notice and require explicit consent for non-essential cookies.

12. Children's Privacy

Our B2B AI consulting services are designed for business users aged 18 and over. We do not knowingly collect data from children under 18. If we become aware of such data, we will delete it immediately unless legal obligations prevent this.

13. Marketing and Communications

We only send marketing emails with explicit consent. Future newsletter services will use double opt-in with easy unsubscribe options. Contact privacy@resultsense.com to manage communication preferences.

14. Complaints and Concerns

14.1 Contact Us First

If you have concerns about our data processing:

• • Email: privacy@resultsense.com
• • We will acknowledge your complaint within 72 hours
• • Full investigation and response within 30 days

14.2 Information Commissioner's Office (ICO)

If you're not satisfied with our response, you can complain to the ICO:

• • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
• • Phone: 0303 123 1113
• • Website: ico.org.uk/make-a-complaint

15. Changes to This Privacy Policy

We may update this privacy policy from time to time. For significant changes, we will:

• • Post a notice on our website
• • Update the "Last Updated" date at the top of this policy

Minor changes (such as contact details or clarifications) will be updated immediately with a new effective date.

16. Contact Information

Data Protection Enquiries:

Email: privacy@resultsense.com

Response time: Within 72 hours for acknowledgement, 30 days for full response

Business Enquiries:

Email: hello@resultsense.com

Company Information:

Resultsense Limited

Company Registration Number: 16733701

Your privacy matters to us. We're committed to protecting your data and being transparent about how we use it. If you have questions about this policy or our data practices, please don't hesitate to contact us at privacy@resultsense.com.