LEGAL

Privacy Policy

Last updated: 1 January 2026

1

Who We Are

Staffpoint is an AI consultancy based in the United Kingdom. We help businesses audit, implement, and manage AI systems. Our registered business name is Staffpoint, and our primary contact email is hello@staffpoint.co.uk.

This Privacy Policy explains how we collect, use, store, and share personal information when you visit our website or contact us. We are committed to handling your data responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2

Information We Collect

We collect personal information in the following circumstances:

  • Contact form submissions: first name, last name, email address, company name, enquiry type, and message content.
  • Email correspondence: any personal data you include when emailing us directly.
  • Website analytics: anonymised usage data including pages visited, time on site, and referring source (if analytics are enabled).
  • Cookies: technical identifiers stored in your browser as described in our Cookie Policy.

We do not knowingly collect data from children under the age of 16. Our services are directed at business professionals.

3

How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and provide the services you have requested.
  • Send you information about our services where you have consented or where we have a legitimate interest in doing so.
  • Improve the content and performance of our website.
  • Comply with legal obligations.

Our lawful bases for processing are: (a) legitimate interests — responding to business enquiries; (b) consent — marketing communications; and (c) legal obligation — record-keeping requirements.

4

Data Sharing

We do not sell, rent, or trade your personal data. We may share data with:

  • Email service providers used to deliver messages you have requested.
  • Analytics providers (where applicable) under data processing agreements.
  • Professional advisers such as solicitors or accountants where necessary.
  • Regulatory authorities or law enforcement where required by law.

Any third parties we work with are required to handle your data in accordance with applicable data protection law.

5

Data Retention

We retain personal data for as long as necessary to fulfil the purpose for which it was collected, or as required by law. In practice:

  • Enquiry data: retained for up to 2 years from last contact, then securely deleted.
  • Client records: retained for 6 years after the end of the client relationship in line with UK tax and legal requirements.
  • Analytics data: retained in anonymised form; raw session data deleted within 12 months.

6

Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

  • Right of access — request a copy of the data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure — request deletion of your data in certain circumstances.
  • Right to restriction — ask us to limit how we use your data.
  • Right to data portability — receive your data in a machine-readable format.
  • Right to object — object to processing based on legitimate interests or for direct marketing.
  • Rights related to automated decision-making — we do not make solely automated decisions that significantly affect you.

To exercise any of these rights, please contact us at hello@staffpoint.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7

Security

We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. This includes TLS encryption for data in transit and access controls for data at rest.

While we take reasonable precautions, no method of transmission over the internet is 100% secure. If you have concerns about a specific data interaction, please contact us directly.

8

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this page periodically to stay informed about how we protect your information.

Continued use of our website after changes are posted constitutes your acceptance of the revised policy.