This policy explains how SWARM AI Systems Ltd (“SWARM”, “we”) collects, uses, and protects personal data. It is written to meet our obligations under the UK General Data Protection Regulation and the Data Protection Act 2018.
If anything is unclear, email stephen@swarmaisystems.com and we will answer in plain English.
SWARM Holdings Ltd is a private limited company registered in Scotland (Company No. SC884785), with its registered office in Paisley, Scotland, UK. We trade as “SWARM AI Systems”.
Founder and Data Protection point of contact: Stephen Ward — stephen@swarmaisystems.com.
ICO Registration Number: ZC144402. Registered as a data controller under the Data Protection Act 2018.
| Category | Examples | How we get it |
|---|---|---|
| Contact data | Name, business name, email, phone, country | You give it to us — web form, email, call, or via your business’s public listing |
| Business data | What you sell, current tools, your biggest problem, budget range | You give it to us in the audit questionnaire or by phone |
| Payment data | Card details — processed by Stripe, never stored by us | You enter it on Stripe Checkout when you buy |
| Usage data | Pages visited, clicks, device type, anonymised IP | Your browser tells us via our hosting provider Vercel |
| Communications | Emails, WhatsApp messages, call transcripts and recordings | You send them; we may record calls for training and QA — we will tell you at the start of the call if we are recording |
We do not knowingly collect data from children under 16. If we learn we have, we delete it.
| Purpose | Legal basis (UK GDPR Art. 6) |
|---|---|
| To deliver products you have bought (audit, subscription, module use) | Performance of a contract — Art. 6(1)(b) |
| To answer questions you send us | Legitimate interest in running our business — Art. 6(1)(f) |
| To contact UK businesses for B2B sales (phone, email) | Legitimate interest — Art. 6(1)(f), screened against CTPS where required by PECR |
| To send you marketing about our services | Consent — Art. 6(1)(a). You can opt out at any time, link in every email |
| To comply with tax, accounting and legal duties | Legal obligation — Art. 6(1)(c) |
| To train our AI systems and improve the service | Legitimate interest — Art. 6(1)(f); we anonymise where practical and you can opt out (see §7) |
We use a small number of carefully chosen processors. Each has their own privacy terms; each is bound by a Data Processing Agreement under UK GDPR Art. 28.
We do not sell your data. We do not share it with advertising networks. We do not use it to train third-party AI models without an explicit opt-in from you.
Some of the providers above are based in the United States. Where data must leave the UK/EEA, we rely on the UK’s adequacy decisions, the UK International Data Transfer Agreement, or the EU Standard Contractual Clauses, and we apply additional safeguards (encryption in transit and at rest, minimum-necessary disclosure).
| Type | Retention |
|---|---|
| Audit & subscription customer records | 7 years after the relationship ends (UK tax law) |
| Marketing leads (no purchase) | 24 months from last contact, then deleted |
| Web logs | 12 months |
| Call recordings & transcripts | 13 months unless flagged for a complaint, dispute, or legal hold |
| WhatsApp / email conversations | Lifetime of the customer relationship + 12 months |
Under UK GDPR you have the right to:
To use any of these rights, email stephen@swarmaisystems.com. We will respond within one calendar month, and faster where we can.
If you are unhappy with how we handle a request, you can complain to the UK Information Commissioner’s Office: ico.org.uk/make-a-complaint, helpline 0303 123 1113.
This site uses only essential cookies needed to make the site work and to remember your preferences. We do not use third-party advertising cookies or cross-site tracking. If we add analytics in future, this section will be updated and consent will be requested where required.
We use HTTPS everywhere, Row-Level Security on our database, encrypted backups, and least-privilege access controls. We do not store card details. We perform regular security reviews and update this page if our practices change materially.
If we change anything material in this policy, we will update the “Effective” date at the top and, where the change affects you directly, we will email you.
SWARM AI Systems Ltd, Paisley, Scotland, UK
Company No. SC884785
Email: stephen@swarmaisystems.com