Privacy Policy

1. Introduction

Instro AI Solutions (Instro AI Solutions Limited, Company No. 15347917, Registered Office: 30 The Street, Upper Sheringham, Sheringham, England, NR26 8AD) is committed to protecting your privacy. This Privacy Policy explains how we collect, process, store, and secure personal data from users of our website and the Instro AI product in accordance with the UK Data Protection Act 2018 and GDPR.

2. Data Collection and Use

2.1 Information Collected:

We collect data necessary to deliver our AI solutions, including user-provided information, interaction logs, and system configuration details. We do not collect special categories of personal data unless explicitly agreed.

2.2 Purpose:

Data is processed solely to deliver and enhance our AI products and services. Your data will never be used to train our AI models unless you have explicitly consented.

3. Data Storage and Security

3.1 Storage Location:

Your data is stored in secure, GDPR-compliant data centres within the UK or EU. If data transfer outside these regions becomes necessary, we implement appropriate safeguards under UK/EU law.

3.2 Encryption:

We encrypt data in transit using TLS v1.2 or above, and data at rest using AES-256 encryption standards.

3.3 Access Controls:

Your data is accessible only to authorised Instro AI personnel under role-based access control, with regular permission audits.

4. Data Retention and Deletion

4.1 Retention:

Personal data is retained only as long as necessary to fulfil the purposes for which it was collected or as required by applicable law, typically for the duration of your contract with Instro AI. Your data will be securely and permanently deleted from our systems, including all backups, within 30 days following the termination or expiry of your contract unless an alternative retention period has been explicitly agreed with you in accordance with applicable data protection laws.

4.2 Deletion:

Upon request, your data will be securely and permanently deleted from our systems, including backups.

5. Data Protection Measures

5.1 Security Testing:

Annual penetration testing and continuous vulnerability scans are conducted. Any vulnerabilities identified are promptly addressed.

5.2 Device Security:

Instro AI encourages all system users to operate secure devices and maintain up-to-date anti-malware software. Where company-owned devices are provided, these devices are subject to enhanced security controls and regular monitoring to ensure the protection of client data.

6. Employee Training and Awareness

Instro AI recognises that regular security and privacy awareness training is essential for protecting client data. Employees and system users are encouraged to maintain up-to-date knowledge of data protection best practices, reflecting our ongoing commitment to data security and compliance.

7. Your Rights

You have rights under UK data protection law to access, rectify, delete, restrict processing, and object to data handling. To exercise your rights, contact our Data Protection Officer (details below).

8. Compliance and Accountability

We maintain full compliance records, conduct regular Data Protection Impact Assessments (DPIAs) where required, and are registered with the UK ICO (Registration No. ZB852431). We have robust procedures for handling and reporting data breaches as mandated by GDPR.

9. Cookies

We use cookies only to enhance your website experience. Please see our Cookie Policy for details.

10. Children’s Privacy

Instro AI does not knowingly collect data from individuals under 16 years old.

11. Third-party Links and Integrations

Where applicable, our services may include third-party integrations; please refer to their respective privacy policies.

12. Contact

For privacy-related queries, please contact our Data Protection Officer:

Email: info@instro.ai
Postal Address: Instro AI Solutions, 30 The Street, Upper Sheringham, Sheringham, England, NR26 8AD