Skip to main content
AI-Si.com

Legal

Privacy Policy

AI-Si.com data protection — UK GDPR compliant, Birmingham-based.

In plain English

We collect minimal data, never sell it, and you can request deletion at any time. If you have a question about your data, contact us and we'll respond within 30 days.

Effective: 5 May 2026 · Last reviewed: May 2026 · Next review due: May 2027

1. Who We Are

Data Controller: Simon Steggles, trading as AI-Si.com
Business Address: Royal Town of Sutton Coldfield, Birmingham, England
Contact: simon@ai-si.com | 07973 210895
Services: Fractional AI Director services, AI strategy consulting, governance frameworks, staff training, and implementation support for UK SMEs and councils.

Your Rights: Under UK GDPR, you have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

2. What We Collect

You Provide:

  • Contact: Name, email, phone, company, job title
  • Enquiries: Forms, emails, calls
  • Service Data: Project requirements, specs, training records
  • Payment: Billing address, payment method (never card details)

Automatic Collection:

  • Usage: IP, browser, device, pages, time, referrals
  • Cookies: Essential functionality
  • Communications: Email records, call notes

Why This Matters: We collect only what's necessary for professional AI consulting. Every data point serves a specific purpose: service delivery, legal compliance, or business improvement.
Data minimisation: If we don't need it, we don't collect it.
Transparency: You always know what we have and why.

3. How We Use Your Data

  • Service Delivery (Contract Performance): Responding to enquiries, delivering consulting, managing projects, processing payments.
  • Communication (Legitimate Interest): Service updates, support requests, industry developments (opt-in only).
  • Legal Compliance (Legal Obligation): Tax records (7 years), data protection, fraud prevention.
  • Business Improvement (Legitimate Interest): Website UX, service feedback.

4. Data Sharing

We do not sell, rent, or trade your data. Limited sharing only with Service Providers (Google Workspace, Hosting, Stripe, Calendly). All processors have DPAs ensuring UK GDPR compliance.

5. Retention

  • Enquiry (No Contract): 2 years
  • Client Projects: 7 years
  • Financial Records: 7 years (HMRC)
  • Marketing Consent: Until withdrawal or 3 years inactivity
  • Analytics: 26 months

Right to Erasure: Request early deletion. We comply unless legal obligation to retain.

6. Security

Technical measures include HTTPS/TLS encryption, 2FA, UK GDPR compliant cloud storage, encrypted off-site backups. Organisational measures include data minimisation, current NPPV3 Police vetting clearance (suitable for council and public-sector engagements), and 72-hour incident response reporting.

7. Your Rights Under UK GDPR

Access, Rectification, Erasure, Restrict Processing, Data Portability, Object, Withdraw Consent, Lodge Complaint to ICO. Exercise rights via simon@ai-si.com (respond within 30 days).

8. AI Use Disclosure

AI-assisted tools are used to support drafting, editing, and formatting of website content. All content is reviewed by Simon Steggles before publication. No client data is processed by AI tools without explicit agreement and contractual safeguards.

9. Cookies & Consent

We set the minimum number of cookies needed to make the site work. On your first visit you will see a banner asking whether you accept non-essential cookies (currently the Calendly booking widget). Your choice is stored in your browser’s localStorage under the key aisi-consent and is honoured on every page until you clear it. If you reject, we do not load the Calendly script — you can still book by phone, email, or by opening calendly.com in a new tab yourself.

10. Regulatory & Insurance Compliance

Professional Indemnity Insurance: AI-Si.com carries Professional Indemnity insurance via a UK-regulated carrier covering the full scope of consulting, training and implementation work delivered. Insurer name, policy number and coverage limit are available on request from simon@ai-si.com and will be supplied as part of standard pre-engagement due diligence.

Background & vetting: Royal Navy 1984–90 (Cat 3 Positive Vetting at the time; the PV scheme has since been superseded by Developed Vetting). Current NPPV3 (Non-Police Personnel Vetting Level 3) clearance, suitable for work involving sensitive data, public-sector engagements and council contracts.

Questions?

Email: simon@ai-si.com | Phone: 07973 210895

Call