AIC-AI ("we," "us," "our," or the "Company") is an AI-powered sales automation agency. We are committed to protecting the personal data of everyone who interacts with our business — including visitors to our website, prospective clients, existing clients, and the end contacts processed through our AI systems on behalf of our clients.
This Privacy Policy explains:
What personal data we collect and why
How we use, store, and share that data
Your rights under applicable data protection law
How to contact us with questions or requests
This policy applies to personal data processed through our website at https://www.aic-ai.net and through our AI-powered services including the Database Reactivation Bot, Speed to Lead AI Bot, Out of Hours AI Bot, and Google Reviews AI Bot (collectively, the "Services").
For personal data collected directly through our website (such as enquiry forms, booking forms, and analytics), AIC-AI acts as the data controller — meaning we determine the purposes and means of processing that data.
Contact details:
Website: https://www.aic-ai.net
Contact form: https://www.aic-ai.net/contact
When AIC-AI operates its AI bots on behalf of a client — processing the client's lead database, sending outbound SMS messages, or responding to Google reviews — AIC-AI acts as a data processor. In these cases, the client is the data controller and is solely responsible for the lawful basis under which their contacts' personal data is held and used.
If you are an individual who has been contacted via an AIC-AI-powered bot on behalf of one of our clients, please contact that business directly regarding your data rights. AIC-AI processes such data only on documented instructions from our clients.
When you interact with our website or book a strategy call, we may collect:
Identity data - First name, last name, job title, company name
Contact data - Email address, phone number
Business data - Industry, number of leads in database, average order value
Communication data - Messages sent via our contact form or enquiry pages
Booking data - Date, time, and preferences submitted via our calendar tool
When you visit our website, we may automatically collect:
Technical data - IP address, browser type and version, operating system, device type
Usage data - Pages visited, time spent on pages, referring URLs, click paths
Cookie data - Session cookies, analytics cookies, preference cookies
See Section 10 for full details on our use of cookies.
When delivering our Services, we process personal data uploaded or provided by our business clients. This may include:
Names and contact details of leads (phone numbers, email addresses)
Previous interaction history with the client's business
Enquiry details and product or service interests
Google review content (names, usernames, review text)
We process this data strictly on the instructions of our clients and do not use it for our own marketing or analytical purposes.
We process personal data only where we have a lawful basis to do so. Below sets out our purposes and the corresponding legal bases under UK GDPR / EU GDPR.Lawfu
Responding to your enquiry or contact form submission - Legitimate interests / Pre-contractual steps
Booking and managing strategy calls - Performance of a contract / Pre-contractual steps
Providing our AI automation Services to clients - Performance of a contract
Sending service-related communications (updates, invoices) - Performance of a contract
Improving our website and Services - Legitimate interests
Analysing website usage via analytics tools - Legitimate interests / Consent (where cookies are used)
Complying with legal obligations (tax, fraud prevention) - Legal obligation
Marketing our Services to prospective clients - Legitimate interests (B2B) / Consent (where required)
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms. You may object to processing carried out on this basis — see Section 8 for your rights. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
We may contact prospective business clients about our Services where we have a legitimate interest in doing so, in accordance with applicable UK and EU regulations including the Privacy and Electronic Communications Regulations (PECR).
You can opt out of marketing communications from us at any time by:
Clicking the unsubscribe link in any marketing email
Contacting us via https://www.aic-ai.net/contact
Opting out of marketing will not affect your receipt of service-related communications (e.g., invoices, campaign updates).
AIC-AI's AI bots send automated SMS and messaging communications on behalf of our clients. Our clients are solely responsible for obtaining the necessary consents or establishing the appropriate lawful basis for those communications. AIC-AI does not independently solicit or market to end contacts on its own behalf through client campaigns.
We do not sell your personal data. We may share data with third parties only in the following circumstances:
We work with trusted third-party technology providers to deliver our Services. These may include:
SMS messaging platforms - Sending and receiving automated SMS communications
CRM and pipeline tools - Managing client relationships and campaign data
Calendar and booking tools - Managing strategy call bookings
Cloud hosting providers - Storing data securely
Analytics tools - Understanding website usage
Payment processors - Processing invoices and payments
All sub-processors are subject to data processing agreements and are required to process personal data only on our instructions and in compliance with applicable data protection law.
Our Google Reviews AI Bot interacts with the Google Business Profile platform. Reviews, business owner responses, and associated metadata are subject to Google's own privacy policy and terms of service. We access Google review data solely to generate and post responses on behalf of our clients.
We may disclose personal data to law enforcement agencies, courts, regulatory bodies, or other authorities where we are legally required to do so or where necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
In the event of a merger, acquisition, restructuring, or sale of all or part of our business, personal data may be transferred to the relevant third party as part of that transaction, subject to equivalent data protection obligations.
AIC-AI operates primarily from the United Kingdom. Some of our third-party service providers may process personal data outside the UK or European Economic Area (EEA).
Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as:
The UK's International Data Transfer Agreement (IDTA) or Addendum to the EU Standard Contractual Clauses
EU Standard Contractual Clauses (SCCs) issued by the European Commission
Transfers to countries with an adequacy decision from the UK Secretary of State or European Commission
You may request information about the safeguards governing any international transfers by contacting us via our website.
Depending on your location and applicable law, you may have the following rights regarding your personal data:
Right of Access - Request a copy of the personal data we hold about you
Right to Rectification - Request correction of inaccurate or incomplete data
Right to Erasure - Request deletion of your personal data in certain circumstances
Right to Restriction - Request that we limit how we use your data
Right to Data Portability - Receive your data in a structured, machine-readable format
Right to Object - Object to processing based on legitimate interests or for direct marketing
Rights re: Automated Decision-Making - Request human review of any automated decisions that significantly affect you
Right to Withdraw Consent - Withdraw consent at any time where processing is consent-based
How to exercise your rights: Submit a request via our contact form at https://www.aic-ai.net/contact. We will respond within one calendar month in accordance with UK GDPR requirements. We may need to verify your identity before processing your request.
Note for contacts of our clients: If you have been contacted through an AIC-AI-powered bot on behalf of one of our business clients, your data rights should be directed to that business, as they are the data controller. AIC-AI will support clients in honouring such requests.
Right to complain: If you are located in the UK, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at https://ico.org.uk or by calling 0303 123 1113. If you are located in the EU, you may contact your local supervisory authority.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, and in accordance with our legal obligations.
Website enquiry and contact form data - 2 years from last contact
Client account and contract data - 7 years from end of contract (for tax/legal compliance)
Campaign and lead processing data - Duration of client contract, then deleted within 30 days of termination
Website analytics data - Up to 26 months (aggregated/anonymized thereafter)
Cookie consent records - 3 years
Financial records - 7 years (UK legal requirement)
When data is no longer needed, we securely delete or anonymise it in accordance with our data disposal procedures.
Our website uses cookies and similar tracking technologies to improve your browsing experience and to analyse website traffic.
Strictly Necessary - Essential for the website to function (session management, security)
Analytics / Performance - Understand how visitors use the site (e.g., page views, traffic sources)
Functional - Remember your preferences and settings
Marketing - Track interactions to measure campaign effectiveness (where consent is obtained)
You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. Where required by law, we will obtain your consent before placing non-essential cookies.
For more information about cookies and how to manage them, visit https://www.allaboutcookies.org.
We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, destruction, or alteration. These measures include:
Encryption of data in transit (TLS/SSL)
Access controls and authentication requirements
Regular security reviews and staff training
Data minimisation practices
Sub-processor security assessments
No method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect personal data, we cannot guarantee absolute security.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach and will notify affected individuals where required by law.
Our Services are directed exclusively at businesses and are not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data relating to a minor, please contact us immediately and we will take steps to delete it promptly.
Our website may contain links to third-party websites, including social media platforms, booking tools, and partner sites. This Privacy Policy does not apply to those websites. We encourage you to read the privacy policies of any third-party sites you visit, as we have no control over their content or privacy practices.
AIC-AI's Services involve the use of artificial intelligence to generate and send automated messages (including SMS) on behalf of our clients. These messages are sent in the client's brand voice and represent the client's business, not AIC-AI.
Recipients of AI-generated messages via our client campaigns have the right to:
Request to be removed from future communications by replying with "STOP" or an equivalent opt-out instruction
Contact the originating business directly to exercise data rights
AIC-AI's systems are designed to honour opt-out requests promptly. Any "STOP" or unsubscribe signal received through our messaging systems is processed and the relevant contact is suppressed from future outreach.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this policy. Where required by law, we will provide more prominent notice (such as email notification to active clients).
We encourage you to review this policy periodically to stay informed about how we protect your information.
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
Contact Form: https://www.aic-ai.net/contact
Website: https://www.aic-ai.net
We aim to respond to all data-related requests within 30 days of receipt. In complex cases, we may extend this period by a further two months, in which case we will inform you of the extension and the reasons for it.