1. Who We Are

Futurai LTD, registered in England and Wales under company number 16232077, with its registered office at 5 Brayford Square, London, E1 0SG, operates as the data controller responsible for your personal data.

For any questions about this Privacy Policy or to exercise your data rights, please contact us:

• Email: [email protected]
• Postal Address: Futurai LTD, 5 Brayford Square, London, E1 0SG

You also have the right to contact the Information Commissioner's Office (ICO) regarding data concerns. However, we encourage you to reach out to us first so we can address your concerns directly.

2. Scope of This Privacy Policy

This policy explains how we manage personal data when you:

• Use our website, applications, and services.
• Interact with our marketing communications.
• Provide personal information during inquiries or customer support interactions.

Please note that this policy does not apply to third-party websites linked from our platforms. We encourage you to review the privacy policies of those websites separately.

3. Data We Collect About You

We collect various types of data to provide and improve our services:

• Identity Data: Full name, date of birth, gender, and similar identifiers.
• Contact Data: Email address, phone numbers, and mailing address.
• Account Data: Login credentials, user preferences.
• Payment Information: Billing details, including card numbers (securely processed by third-party payment providers).
• Technical Data: IP address, browser type, device identifiers, operating system, and app usage data.
• Usage Data: Information about how you interact with our website, apps, and services.
• Marketing Data: Preferences related to receiving marketing materials and communication preferences.
• Special Category Data: Information related to health or ethnicity, collected only with your explicit consent when necessary.

4. How We Collect Your Data

We gather data through various methods:

• Direct Interactions: When you sign up, contact us, or participate in surveys.
• Automated Technologies: Cookies, server logs, and similar technologies collect data as you interact with our platforms.
• Third Parties: Information from analytics providers, marketing platforms, and payment processors.

5. How We Use Your Data

We process personal data based on the following legal grounds:

• Performance of a Contract: To deliver the services you request.
• Legal Obligations: To comply with legal or regulatory requirements.
• Legitimate Interests: For business purposes such as improving services, marketing, and fraud prevention.
• Consent: Where required, especially for sensitive data and marketing communications.

Key Purposes Include:

• Managing your account and service requests.
• Processing payments securely.
• Providing customer support.
• Sending updates, newsletters, and promotional materials (with your consent).
• Conducting research and analytics to enhance our offerings.
• Ensuring security, fraud prevention, and legal compliance.

6. Sharing Your Data

We may share your personal data with:

• Service Providers: Companies that help us with IT, payment processing, customer support, and marketing.
• Regulatory Bodies: When required by law or for legal claims.
• Business Transfers: In the event of mergers, acquisitions, or asset sales.
• Marketing Partners: Only with your consent for third-party marketing purposes.

All third parties are required to handle your data securely and only for specified purposes.

6A. Processing by AI Providers (Generative AI)

To operate certain features of our AI agents, we may transmit limited content you provide (for example, messages, prompts, and technical context) to trusted third-party AI providers acting as our data processors. This content is used solely to deliver the requested service (for example, generating responses and executing tools) and is not used to train the providers’ foundation models, unless you explicitly opt in or instruct us otherwise in writing.

Legal basis (GDPR): performance of a contract and/or legitimate interests (service delivery, reliability, and security). When personal data is involved, we apply data-minimization and appropriate security measures.

Retention: we keep records only as long as necessary for operations, security, and legal compliance. AI providers may retain operational logs for a limited period for abuse detection and service reliability; these logs are not used to train models. For use cases that require heightened confidentiality, we offer zero data retention modes on eligible endpoints upon request and subject to commercial terms.

International transfers: where AI processing entails cross-border transfers, we implement appropriate safeguards (e.g., Standard Contractual Clauses) and internal controls. See also Section 7 “International Data Transfers”.

Minimization & security: we avoid sending secrets or unnecessary sensitive data to AI providers. We enforce encryption in transit (TLS), role-based access controls, and, where feasible, pseudonymization/anonymization prior to transmission.

Sub-processors: AI providers and other critical vendors act as sub-processors for specific functionalities. We will update this policy if there are material changes to our sub-processor list.

7. International Data Transfers

Some of our partners operate outside the UK and EEA. When transferring your data internationally, we ensure safeguards are in place, such as:

• Adequacy Decisions: Where the destination country offers adequate protection.
• Standard Contractual Clauses: Approved legal mechanisms for data protection.
• Privacy Shield Frameworks: For transfers to the US (if applicable).

8. Data Security

We implement technical and organizational measures to protect your data, including encryption, secure servers, and access controls. In the unlikely event of a data breach, we will notify affected individuals and relevant authorities as required by law.

9. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, including legal, accounting, or reporting obligations. The retention period may vary depending on the nature of the data and legal requirements.

10. Your Data Protection Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of data where no longer necessary.
• Restriction: Request to limit data processing in certain circumstances.
• Portability: Request transfer of your data to another service provider.
• Objection: Object to processing for direct marketing or legitimate interests.
• Withdraw Consent: At any time, where consent is the legal basis for processing.

To exercise these rights, please contact us at [email protected].

11. Marketing Preferences

You can manage your marketing preferences at any time by:

• Adjusting your account settings.
• Clicking the "unsubscribe" link in emails.
• Contacting us directly.

We will only send third-party marketing communications with your express consent.

12. Cookies and Tracking Technologies

We use cookies to enhance your experience, analyze website traffic, and serve personalized content. You can control cookie settings via your browser. For more details, refer to our Cookie Policy.

13. Changes to This Privacy Policy

We may update this policy periodically. Any changes will be posted on this page, and where appropriate, notified via email. We encourage you to review this policy regularly to stay informed.

14. Contact Us

For questions, concerns, or to exercise your data rights, contact:

Futurai LTD
Address: 5 Brayford Square, London, E1 0SG
Email: [email protected]

If you are not satisfied with our response, you have the right to lodge a complaint with the ICO at www.ico.org.uk.