Privacy Policy

This Privacy Policy explains how Silver Lined AI Ltd (“Silver Lined AI”, “we”, “us” or “our”) collects, uses, shares and protects your personal data when you visit www.silverlinedai.com (the “Site”) or get in touch with us. It also sets out your rights under the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

1. Who we are

Silver Lined AI Ltd is the “data controller” responsible for your personal data processed through this Site. That means we decide how and why it is used. Our details are:

We are registered with the UK Information Commissioner’s Office (ICO) as a data controller and pay the data protection fee. We are not required by law to appoint a Data Protection Officer, but David Huston is our point of contact for all privacy matters and you can reach him at the email above.

2. What data we collect

2.1 Information you give us

When you complete the contact form on this Site, we collect:

• Your first and last name (required);
• Your work email address (required);
• Your company name (optional);
• The content of your message (required), and anything else you choose to include in it.

Please only send us the information we need to deal with your enquiry. We ask that you do not include special category data (for example details about health, ethnicity, religion, political opinions or biometric data) in your message, as we have no need to process it.

2.2 Information we collect automatically

When you visit the Site, our hosting provider automatically records limited technical information in server logs, which may include your IP address, browser type and version, device information, the pages you view and the date and time of your visit. We use this only to keep the Site secure, available and working correctly, and to investigate any technical problems or misuse.

The contact form also contains a hidden anti-spam field (a “honeypot”). It is only used to detect automated spam submissions and its contents are not stored.

2.3 Web fonts

The Site uses the “Inter” web font served by Google Fonts. When a page loads, your browser requests the font files from Google’s servers, which means Google receives your IP address as part of that request. We do not control how Google processes that information; see Google’s privacy information at policies.google.com/privacy.

3. How and why we use your data

We use the personal data described above to:

• Respond to your enquiry and have a conversation about your needs and our services;
• Provide information you have requested and, where relevant, take steps towards a possible engagement at your request;
• Keep the Site secure and reliable, and prevent fraud, spam and abuse;
• Comply with our legal and regulatory obligations where we are required to.

We do not use the details you submit to send you marketing or newsletters, and we do not carry out any automated decision-making or profiling that produces legal or similarly significant effects about you.

4. Our lawful bases for processing

Under the UK GDPR we must have a “lawful basis” for each use of your personal data. We rely on:

• Legitimate interests (Article 6(1)(f)) — to respond to and manage enquiries about our consultancy services, and to keep our Site secure. Our legitimate interest is in operating and growing our business and communicating with people who contact us; we have balanced this against your interests and rights and consider this processing to be low-impact and what you would reasonably expect when you message us. You can object to this processing at any time (see section 10).
• Steps prior to entering a contract (Article 6(1)(b)) — where your enquiry is a step towards a possible engagement and you have asked us to take it.
• Legal obligation (Article 6(1)(c)) — where we have to process or retain information to comply with the law.

5. Who we share your data with

We do not sell your personal data and we do not share it for anyone else’s marketing. We do use a small number of trusted service providers (“processors”) who handle data on our behalf and only on our instructions. The current recipients are:

We may also disclose personal data if required to do so by law, by a regulator such as the ICO, or to establish, exercise or defend legal claims. If our business is restructured, merged or sold, personal data may be transferred to the relevant party, who would remain bound by this policy or an equivalent.

6. International data transfers

Some of our providers (notably Web3Forms and Google) are based in, or process data in, the United States. Where your personal data is transferred outside the UK, we rely on appropriate safeguards recognised under the UK GDPR — such as the UK’s International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or a provider’s certification under the UK Extension to the EU–US Data Privacy Framework — so that your data continues to receive a level of protection essentially equivalent to that under UK law. You can ask us for more detail on the safeguards that apply using the contact details in section 14.

7. How long we keep your data

We keep personal data only for as long as we need it for the purposes set out in this policy. In practice:

• Contact enquiries are kept for up to 12 months after our last contact with you about the enquiry, and then deleted — unless you go on to become a client, in which case the data is retained under the terms of our engagement, or unless we need to keep it longer to comply with a legal obligation or to deal with a dispute.
• Technical server logs are kept only for a short period by our hosting provider for security and troubleshooting, after which they are routinely overwritten or deleted.

8. How we protect your data

We take appropriate technical and organisational measures to keep your personal data secure. These include serving the entire Site over an encrypted HTTPS connection, applying security response headers (such as X-Frame-Options and X-Content-Type-Options), choosing reputable providers who maintain their own recognised security standards, and limiting access to enquiry data to those who need it to respond to you. No method of transmission or storage is ever completely secure, but we work to protect your data and to deal promptly with any suspected incident.

9. Cookies & tracking

This Site does not set its own cookies, and we do not use analytics, advertising or social-media tracking technologies. The only third-party connection made as a normal part of loading a page is the request to Google Fonts described in section 2.3, which does not set cookies but does receive your IP address. Because we do not place non-essential cookies, you will not see a cookie consent banner on this Site. If this changes in future, we will update this policy and seek your consent where the law requires it under the Privacy and Electronic Communications Regulations (PECR).

10. Your rights

Under the UK GDPR you have the following rights in relation to your personal data:

• Access — to be told whether we hold your data and to receive a copy of it;
• Rectification — to have inaccurate or incomplete data corrected;
• Erasure — to have your data deleted where there is no good reason for us to keep it (the “right to be forgotten”);
• Restriction — to ask us to limit how we use your data in certain circumstances;
• Objection — to object to processing based on our legitimate interests;
• Portability — to receive certain data in a portable, machine-readable format;
• Rights regarding automated decisions — though, as noted, we do not carry out solely automated decision-making.

To exercise any of these rights, email david.huston@silverlinedai.com. We will respond within one month (which we may extend by up to two further months for complex requests, in which case we will tell you). Exercising your rights is normally free of charge. We may need to verify your identity before we act on a request.

11. Children’s data

Our Site and services are aimed at businesses and professionals, not children. We do not knowingly collect personal data relating to children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Our approach to data protection

We design our processing to follow the data protection principles in the UK GDPR: we collect only the minimum data we need (data minimisation), use it only for the purposes described here (purpose limitation), keep it accurate, hold it no longer than necessary, and protect it appropriately. We have assessed the personal data processing carried out through this Site and consider it to be low-risk: it does not involve large-scale processing, profiling, special category data, automated decision-making or the monitoring of public spaces, and so it does not meet the threshold that would require a formal Data Protection Impact Assessment. We keep this assessment under review and will carry out a DPIA if we introduce any new, higher-risk processing.

13. Changes to this policy

We may update this policy from time to time to reflect changes in our practices or the law. When we do, we will revise the “Last updated” date at the top of the page, and where the changes are significant we will take reasonable steps to bring them to your attention. We encourage you to review this page periodically.

14. How to contact us & how to complain

If you have any questions about this policy or about how we handle your personal data, or you wish to exercise any of your rights, please contact:

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection, at any time. We would, however, appreciate the chance to address your concerns first, so please do consider contacting us before you approach the ICO.

← Back to home