Legal

Privacy Policy

How Suzume AI collects, uses, and protects your personal data

Last updated: 5 April 2026  |  Jurisdiction: United Kingdom (UK GDPR / DPA 2018)

1. Who We Are

This Privacy Policy applies to the website at suzume.ai, operated by Suzume AI Ltd, a company registered in England and Wales (Registration Number: 17123523). We are the data controller responsible for your personal data.

ICO Registration Number: ZC115982

Contact: enquiries@suzume.ai

This Privacy Policy should be read alongside our Cookie Policy, which explains how we use cookies and similar technologies.

2. What Personal Data We Collect

We collect personal data in the following circumstances:

  • Contact form submissions: your name, email address, and any information you choose to provide in your message
  • Email correspondence: your email address and the contents of any emails you send us
  • Website usage data: IP address, browser type, pages visited, and time spent on the site (if analytics cookies are accepted)
  • Cookie consent preferences: stored locally in your browser via localStorage

We do not collect sensitive personal data (as defined under UK GDPR Article 9) and we do not collect data from children under the age of 13.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To respond to enquiries and contact form submissions
  • To communicate with you about our services
  • To improve our website and understand how visitors use it (analytics)
  • To comply with our legal obligations

We do not use your data for automated decision-making or profiling, and we do not sell your personal data to third parties.

4. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Legitimate interests (Article 6(1)(f)): responding to business enquiries and maintaining the security and performance of our website
  • Consent (Article 6(1)(a)): optional analytics and functional cookies, which you can accept or decline via our cookie banner
  • Legal obligation (Article 6(1)(c)): where we are required to process data to comply with applicable law

5. Data Retention

We retain personal data only for as long as is necessary for the purpose for which it was collected:

  • Contact form and email enquiries: retained for up to 2 years from the date of last contact, unless an ongoing business relationship warrants longer retention
  • Analytics data: up to 26 months, depending on the analytics provider used
  • Cookie consent preferences: stored in your browser's localStorage until you clear it; no server-side copy is retained by us

When data is no longer required, it is securely deleted or anonymised.

6. Third Parties

We may share your data with the following categories of third parties where necessary:

  • Email service providers: used to receive and manage enquiries sent via our contact form
  • Hosting and infrastructure providers: who process data on our behalf under appropriate data processing agreements
  • Analytics providers: only if you have consented to analytics cookies

We do not transfer personal data outside the United Kingdom or European Economic Area without ensuring appropriate safeguards are in place.

Our website loads resources from third-party CDNs (Google Fonts, Cloudflare, jsDelivr). These may collect limited technical data such as your IP address when resources are loaded. Please refer to those providers' own privacy policies for details.

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you
  • Right to rectification: to request correction of inaccurate or incomplete data
  • Right to erasure: to request deletion of your personal data where there is no legitimate reason to retain it
  • Right to restrict processing: to request that we limit how we use your data in certain circumstances
  • Right to object: to object to processing based on legitimate interests
  • Right to data portability: to receive your data in a structured, machine-readable format where processing is based on consent or contract
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at enquiries@suzume.ai. We will respond within one calendar month.

8. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website uses HTTPS encryption, Content Security Policy headers, and restricts third-party data flows. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Any updates will be posted on this page with a revised "Last updated" date. We encourage you to review this page periodically.

10. Contact & Complaints

If you have any questions or concerns about how we handle your personal data, please contact us:

If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.