1. About This Privacy Policy
This privacy policy explains how Resultsense Limited ("we", "our", "us") collects, uses, and protects your personal information when you interact with our website and content.
Regulatory Compliance: This policy complies with:
- • UK General Data Protection Regulation (UK GDPR)
- • Data Protection Act 2018
- • Privacy and Electronic Communications Regulations 2003 (PECR)
- • Equality Act 2010 (accessibility requirements)
2. Information We Collect
2.1 Contact Form Data
When you contact us through our website form, we collect:
- • Full name - to address you personally in our response
- • Email address - to send our reply
- • Your message - to understand your enquiry and provide relevant assistance
2.2 Website Usage Data
We operate a privacy-first website. The data automatically collected is:
- • Server logs: IP addresses, timestamps, pages visited, and browser information for security and technical maintenance purposes (processed by Cloudflare as our hosting provider, retained for 30 days)
- • Contact form rate limiting: IP addresses temporarily stored for up to 2 minutes in Cloudflare KV to prevent abuse (5 submissions per minute limit)
2.3 Data We Don't Collect
We operate a privacy-first approach and don't collect cookies, tracking data, user accounts, payment information, or special category personal data.
3. Legal Basis for Processing
We process your personal data under the following legal bases:
3.1 Contact Enquiries
Legal Basis: Legitimate Interests (Article 6(1)(f) UK GDPR)
Our Interest: Responding to reader enquiries, tips, and feedback about our AI news and content
Your Rights: You can object to this processing at any time
Balancing Test: We consider this processing reasonable given the voluntary nature of contact, minimal data use, and clear business necessity.
3.2 Legal Obligations
Legal Basis: Legal Obligation (Article 6(1)(c) UK GDPR)
Examples:
- • Retention of business records for tax purposes (6 years)
- • Compliance with court orders or regulatory investigations
- • Anti-money laundering checks if required
4. How We Use Your Information
4.1 Primary Uses
- • Responding to enquiries: Addressing reader tips, feedback, and questions about our AI news coverage
- • Content delivery: Publishing and distributing AI news, analysis, and insights
- • Business communication: Administrative matters and correspondence
- • Legal compliance: Meeting statutory requirements and professional obligations
5. Data Retention
We keep your personal information only as long as necessary:
5.1 Retention Schedule
| Data Type | Retention Period | Reason |
|---|---|---|
Contact enquiries | 6 months | Follow-up and improvement |
Legal correspondence | 6 years | Statute of limitations |
Website server logs | 30 days | Security monitoring (managed by Cloudflare) |
Rate limiting data | 2 minutes | Contact form abuse prevention (Cloudflare KV) |
5.2 Secure Deletion
At the end of retention periods, we securely delete electronic records and notify processors to delete data from their systems.
6. Data Sharing and Third Parties
6.1 Service Providers (Data Processors)
We carefully select processors who provide adequate guarantees for data protection. All processors operate under their standard terms of service which incorporate appropriate data protection safeguards:
Email Services: Resend (US-based) for enquiry responses. Resend's standard terms include Data Protection Act 2018 compliance and Standard Contractual Clauses for international transfers.
Website Hosting: Cloudflare Inc for hosting and security. Cloudflare operates under EU-US Data Privacy Framework safeguards and their standard data processing terms.
Anti-Spam: hCaptcha for form protection. Data shared: hCaptcha token, IP address, browser fingerprint data. hCaptcha's standard terms include Standard Contractual Clauses for international transfers.
6.2 Professional Service Providers
We share necessary data with professional advisors (accountants, legal advisors) for regulatory compliance and business operations under legal obligation and legitimate interest bases.
7. International Data Transfers
7.1 Transfer Safeguards
When we transfer data outside the UK, we ensure adequate protection:
United States Transfers:
- • EU-US Data Privacy Framework for participating organisations
- • Standard Contractual Clauses as primary safeguard
- • Supplementary measures including encryption and access controls
- • Regular reviews of transfer arrangements and adequacy decisions
8. Your Data Protection Rights
8.1 Rights Under UK GDPR
You have the following rights regarding your personal data:
Right of Access (Article 15)
- • Request copies of your personal data
- • Information about how we process your data
- • Details of retention periods and sharing arrangements
- • How to exercise: Email privacy@resultsense.com with identification
Right to Rectification (Article 16)
- • Correct inaccurate personal data
- • Complete incomplete personal data
- • How to exercise: Contact us with correct information and evidence
Right to Erasure (Article 17)
- • Request deletion of your personal data
- • Limitations: Legal obligations may prevent immediate deletion (e.g., tax records)
- • How to exercise: Email privacy@resultsense.com with specific deletion request
Right to Restrict Processing (Article 18)
- • Limit how we process your data while disputes are resolved
- • Circumstances: When accuracy is contested, processing is unlawful, or you object to processing
Right to Object (Article 21)
- • Object to processing based on legitimate interests
- • Absolute right: For direct marketing purposes
- • Balanced consideration: For other legitimate interests
Right to Data Portability (Article 20)
- • Receive your data in machine-readable format
- • Transfer data to another service provider
- • Applies to: Data provided with consent or for contract performance
8.2 Response Times
- • Acknowledgement: Within 72 hours
- • Full response: Within 30 days (may extend to 90 days for complex requests)
- • Free of charge unless requests are manifestly unfounded or excessive
9. Data Security Measures
We protect your personal data using appropriate technical and organisational security measures, including:
Technical Measures:
- • Encryption of data in transit and at rest
- • Multi-factor authentication for system access
- • Web Application Firewall and DDoS protection
- • Regular security updates and monitoring
Organisational Measures:
- • Staff training on data protection
- • Confidentiality agreements for all personnel
- • Documented procedures for data handling
- • Secure disposal of devices and documents
10. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will:
- • Notify the ICO within 72 hours of discovery
- • Notify affected individuals without undue delay
- • Provide clear information about the nature of the breach
- • Explain steps taken to address the breach
- • Offer practical advice on protecting yourself
12. Children's Privacy
Our AI news and analysis content is designed for professional readers aged 18 and over. We do not knowingly collect data from children under 18. If we become aware of such data, we will delete it immediately unless legal obligations prevent this.
13. Content Publication
13.1 News and Analysis Content
We publish AI news, analysis, and insights articles on our website. When referencing publicly available information in our articles, we may include:
- • Names and roles of public figures in business and technology
- • Publicly stated positions, quotes, and announcements
- • Company names and publicly available business information
13.2 Legal Basis for Processing
Legal Basis: Legitimate Interests (Article 6(1)(f) UK GDPR)
Our Interest: Publishing factual, well-sourced AI news and analysis for our readership.
Balancing Consideration: We process only publicly available information within a journalistic and editorial context. We believe this processing is reasonable given:
- • Information is already in the public domain
- • Processing occurs in a professional editorial context
- • We attribute sources and link to original reporting
- • No special category or sensitive personal data is processed
13.3 Your Rights
Right to Object: If you are mentioned in our content and wish to request a correction or removal, email privacy@resultsense.com. We will review your request within 30 days.
Other Rights: You retain all standard UK GDPR rights detailed in Section 8.
14. Complaints and Concerns
14.1 Contact Us First
If you have concerns about our data processing:
- • Email: privacy@resultsense.com
- • We will acknowledge your complaint within 72 hours
- • Full investigation and response within 30 days
14.2 Information Commissioner's Office (ICO)
If you're not satisfied with our response, you can complain to the ICO:
- • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
- • Phone: 0303 123 1113
- • Website: ico.org.uk/make-a-complaint
15. Changes to This Privacy Policy
We may update this privacy policy from time to time. For significant changes, we will:
- • Post a notice on our website
- • Update the "Last Updated" date at the top of this policy
Minor changes (such as contact details or clarifications) will be updated immediately with a new effective date.
16. Contact Information
Data Protection Enquiries:
Email: privacy@resultsense.com
Response time: Within 72 hours for acknowledgement, 30 days for full response
Business Enquiries:
Email: hello@resultsense.com
Company Information:
Resultsense Limited
Company Registration Number: 16733701
Registered Office: 15 Skyline Court, 9 Grange Yard, London SE1 3AN
Your privacy matters to us. We're committed to protecting your data and being transparent about how we use it. If you have questions about this policy or our data practices, please don't hesitate to contact us at privacy@resultsense.com.