UK GDPR information

Data protection in an AI front desk.

SIMCOAI provides controls and infrastructure to help businesses operate customer communications responsibly.

FrameworkUK GDPR and Data Protection Act 2018

Platform roleController and processor, depending on context

ImportantGeneral information, not legal advice

1. Framework

SIMCOAI LTD aims to process personal data in accordance with applicable UK data protection law, including the UK GDPR and Data Protection Act 2018. This page provides general platform information and is not legal advice.

Data protection by configuration

The platform provides access controls, operational permissions, retention tools and logging. Customers must select and maintain configurations appropriate to their processing activities.

2. Controller and processor roles

Customer businesses generally determine why and how their customer data is processed and therefore act as controllers. SIMCOAI LTD generally acts as processor for that data. SIMCOAI LTD acts as controller for its own account, billing, security, sales and support activities.

3. Data protection principles

The platform is designed to support purpose limitation, data minimisation, accuracy, retention control, security and accountability. Businesses can configure knowledge, permissions, operational workflows and notifications, and can review or remove many records through the dashboard.

4. Customer responsibilities

Customers must establish a lawful basis, provide required notices, configure call and recording disclosures, limit access, maintain accurate policies and avoid inappropriate automated decisions.

Customers are responsible for responding to their data subjects and ensuring SIMCOAI is suitable for their sector, data categories and risk profile.

5. Subprocessors and transfers

Subprocessors may include Supabase, Stripe, Twilio, OpenAI, email, hosting and infrastructure providers. Their roles depend on enabled features. International transfers may occur and must be supported by appropriate safeguards where required.

6. Data subject rights

SIMCOAI will provide reasonable assistance to customer businesses responding to valid rights requests, subject to contractual arrangements and technical capability. Direct requests relating to a customer business's data may be redirected to that business.

7. Security incidents and enquiries

Customers should report suspected security incidents promptly through the contact page. SIMCOAI will investigate and communicate in accordance with applicable obligations.

Data processing terms

Enterprise customers and other eligible customers may request appropriate data processing terms and information about enabled subprocessors through the contact page.