Privacy Policy

Last updated: 21 June 2026 · TradesAI Operator Ltd (Companies House 17114582)

1. Who We Are

TradesAI Operator Ltd is the data controller for personal data processed through our platform. We are registered in England and Wales under Companies House number 17114582, registered office at 5 Brayford Square, London, E1 0SG.

ICO registration number: registration pending — to be updated on receipt.

Data protection contact: admin@tradesaioperator.uk

2. What Data We Process

Data about your customers (End Users — callers to your business):

• Full name and phone number
• Postcode and job type
• Call recordings processed via Retell AI
• Call transcripts and intent classification
• SMS message content (via Twilio)
• Booking details, scheduled dates, and job status
• Emergency severity flags

Data about you (the trade business operator / Customer):

• Name, email address, and phone number
• Business name, trade type, and address
• Google Calendar ID and Google Sheets ID
• Twilio number allocated to your account
• Booking and revenue records
• Payment data via Stripe (when payment functionality is live)

3. Lawful Basis for Processing

• Art. 6(1)(b) — Contract performance: Processing necessary to deliver the AI receptionist service you have subscribed to.
• Art. 6(1)(f) — Legitimate interests: Processing call recordings and transcripts to detect emergencies, improve service quality, and ensure platform security, balanced against data subject rights.
• Art. 6(1)(c) — Legal obligation: Retaining financial records for 6 years as required by HMRC.

4. Retention Periods

• Active service data (call logs, bookings, transcripts): 12 months from creation, then purged.
• Account and billing records: 6 years from the end of the relevant tax year (HMRC requirement).
• Call recordings: Subject to Retell AI's own retention policy — see retellai.com/legal/privacy-policy.
• GDPR request logs: 3 years to demonstrate compliance.

5. Your Rights Under UK GDPR

• Right of access (Art. 15): Request a copy of all personal data we hold about you.
• Right to rectification (Art. 16): Ask us to correct inaccurate or incomplete data.
• Right to erasure (Art. 17): Request deletion where there is no overriding legal basis for retention.
• Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interests.
• Right to restrict processing (Art. 18): Ask us to limit how we use your data while a dispute is resolved.
• Right to withdraw consent: Where processing is consent-based, withdraw at any time without affecting prior processing.

We will respond to all requests within one calendar month. See Section 8 for how to submit a request.

6. Sub-Processors

We share data with the following sub-processors only as necessary to provide the service:

7. International Transfers

Several sub-processors are based in the United States. Transfers are protected by Standard Contractual Clauses (SCCs) adopted under the UK International Data Transfer Agreement (IDTA) framework. You may request a copy of applicable transfer safeguards by emailing admin@tradesaioperator.uk.

8. Exercising Your Rights

Portal account holders can exercise rights directly:

• Data export (Art. 15 / Art. 20): Call GET /api/account/export while authenticated to download all your data as JSON.
• Account deletion (Art. 17): Call DELETE /api/account while authenticated. Your account is soft-deleted and permanently purged after a 30-day grace period, subject to HMRC retention obligations.

For other requests or if you are an End User (caller) whose data was processed, email admin@tradesaioperator.uk. We will respond within one calendar month.

9. Complaints

If you believe your data has been mishandled you may lodge a complaint with the UK supervisory authority:

We would appreciate the opportunity to address concerns directly before an ICO referral.

10. Contact Us