1. Who we are

ScotReach ("we", "us", "our") provides AI chatbot, voice agent, and business automation services to small businesses in Glasgow and the surrounding area. This policy explains how we collect, use, and protect personal data when you visit our website, contact us, or use our services, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What information we collect

We may collect the following types of information:

  • Contact details you provide via our contact form, chat widget, or email — such as your name, business name, email address, and phone number.
  • Enquiry details — information about your business and the services you're interested in, which you choose to share with us.
  • Website usage data — basic, non-identifying analytics about how visitors use our website (e.g. pages viewed), where applicable.
  • Communications — records of emails, calls, or messages between you and us, for the purpose of providing and improving our services.

3. How we use your information

We use personal data only for purposes such as:

  • Responding to enquiries and providing quotes or information about our services
  • Setting up, delivering, and maintaining services for clients
  • Improving our website and services
  • Meeting legal or regulatory obligations

We do not sell or rent personal data to third parties.

4. Legal basis for processing

We process personal data on the basis of: your consent (e.g. submitting a contact form), the performance of a contract (e.g. delivering services you've signed up for), and our legitimate interests in operating and improving our business, balanced against your rights.

5. Sharing your information

We may share information with trusted third-party services that help us operate — for example, email and form-handling providers, or hosting providers — solely for the purpose of providing our services. These providers are required to handle data securely and in accordance with applicable data protection law.

6. Data retention

We keep personal data only for as long as necessary for the purposes it was collected — for example, enquiry details may be kept while we're in discussion with you, and client data is kept for as long as you use our services plus any period required for legal or accounting purposes.

7. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten"), where applicable
  • Object to or restrict certain processing
  • Withdraw consent at any time, where processing is based on consent

To exercise any of these rights, contact us using the details below.

8. Cookies

Our website may use minimal, essential cookies required for the site to function. We do not use cookies for advertising or cross-site tracking. If this changes, this policy will be updated and, where required, your consent will be requested.

9. Security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse. However, no method of transmission over the internet is completely secure.

10. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top of this page will reflect the most recent changes.

11. Contact us

If you have any questions about this privacy policy or how your data is handled, please get in touch via our contact form.

This policy is provided as a general template for a small UK-based service business and does not constitute legal advice. If you require a policy tailored to specific data processing activities, consider seeking professional legal guidance.