Privacy Policy

This Privacy Policy explains how GMD Automation Limited ("GMD Automation", "we", "us", or "our"), incorporated in England and Wales (Company No. 16970320), collects, uses, stores, and shares your personal data when you visit www.gmdautomation.ai (the "Website") or use our services.

We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy carefully.

1. Who We Are

Data Controller: GMD Automation Limited
Company Number: 16970320
Website: www.gmdautomation.ai
Contact: You may contact us regarding data protection matters via the contact form on our Website.

2. What Personal Data We Collect

2.1 Information You Provide Directly

When you use our Website or enquire about our services, we may collect:

• Your name and contact details (email address, phone number)
• Your business name, role, and industry
• Information you submit via contact or enquiry forms
• Communications you send to us
• Payment and billing information (processed via secure third-party payment processors)

2.2 Information We Collect Automatically

When you visit our Website, we automatically collect certain technical data, including:

• IP address and browser type
• Pages viewed and time spent on our Website
• Referring URL and device information
• Cookies and similar tracking technologies (see Section 8)

2.3 Information From AI Systems

If you interact with AI-powered tools on our Website (such as chatbots or voice agents), we may collect the content of those interactions, including messages, enquiries, and any information you voluntarily provide during those conversations.

3. How We Use Your Personal Data

We use your personal data for the following purposes and on the following legal bases:

To respond to your enquiries (Legitimate Interests / Contract Performance): We use your contact details to respond to questions and service requests.

To provide and manage our services (Contract Performance): We process your data to set up, deliver, and maintain the AI automation services you have subscribed to.

To send you marketing communications (Consent or Legitimate Interests): With your consent, or where we have a legitimate interest in doing so, we may send you information about our services, updates, and offers. You may opt out at any time.

To improve our Website and services (Legitimate Interests): We analyse usage data to understand how our Website performs and to improve user experience.

To comply with legal obligations (Legal Obligation): We may process your data to comply with applicable laws, regulations, or court orders.

4. Sharing Your Personal Data

We do not sell your personal data. We may share your data with:

• Third-party technology providers (e.g., CRM platforms, AI tools, hosting providers, and scheduling software) used to deliver our services. These providers act as data processors under our instruction.
• Payment processors who handle billing on our behalf using industry-standard security.
• Professional advisers such as solicitors or accountants where necessary.
• Law enforcement or regulatory authorities where required by law.

Where we share data with third-party processors, we ensure appropriate data processing agreements are in place.

5. International Data Transfers

Some of the third-party platforms we use to deliver our AI automation services may operate outside the United Kingdom. Where personal data is transferred to countries outside the UK, we ensure appropriate safeguards are in place, such as the use of UK-approved standard contractual clauses or adequacy decisions.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:

• Enquiry data is retained for up to 2 years from the date of last contact.
• Client data is retained for the duration of our service agreement and for up to 6 years after termination, in accordance with legal requirements.
• Website usage data may be retained in anonymised form for analytical purposes.

On termination of a service agreement, we will dispose of or return client data in accordance with the terms of our Master Services Agreement.

7. Your Rights

Under UK data protection law, you have the following rights:

• Right of access – to request a copy of the personal data we hold about you.
• Right to rectification – to request correction of inaccurate or incomplete data.
• Right to erasure – to request deletion of your data in certain circumstances.
• Right to restriction – to request that we restrict processing of your data.
• Right to data portability – to receive your data in a structured, machine-readable format.
• Right to object – to object to processing based on legitimate interests or for direct marketing.
• Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the contact form on our Website. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk.

8. Cookies

Our Website uses cookies and similar technologies to enhance your experience. Cookies are small text files placed on your device when you visit our Website. We use:

• Essential cookies – necessary for the Website to function correctly.
• Analytics cookies – to understand how visitors interact with our Website (e.g., via Google Analytics).
• Marketing cookies – to serve relevant content and track campaign performance, where consented.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our Website.

9. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

Our AI systems and third-party platforms are selected and configured with security in mind. We take all reasonable steps to prevent the introduction of viruses or vulnerabilities into systems we operate on your behalf.

10. Third-Party Links

Our Website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies before providing any personal information.

11. Children's Privacy

Our Website and services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated policy will be posted on our Website with a revised effective date. We encourage you to review this page periodically.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us via the contact form available at www.gmdautomation.ai.