Privacy Policy

Last Updated: November 9, 2025

1. Introduction

ANNOTATEAI LTD ("we", "us", or "our") operates the AnnotateAI platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Company Details:
Legal Name: ANNOTATEAI LTD
Registered Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Contact Email: hello@annotateai-team.com

2. Data Controller

ANNOTATEAI LTD is the data controller responsible for your personal information. For any questions about this Privacy Policy or our data practices, please contact us at hello@annotateai-team.com.

3. Information We Collect

3.1 Personal Information

  • Account Information: Name, email address, company name, job title
  • Authentication Data: Password (encrypted), login credentials
  • Profile Information: User preferences, language settings, time zone
  • Contact Information: Email, phone number (optional)

3.2 Usage Data

  • Service Usage: Tasks created, annotations submitted, projects managed
  • Activity Logs: Login times, features used, actions performed
  • Device Information: IP address, browser type, operating system

3.3 Payment Information

Billing data is processed securely through Stripe. We do not store full credit card details.

4. Legal Basis for Processing (UK GDPR)

  • Contract Performance: Processing necessary to provide the Service
  • Legitimate Interests: Platform security, service improvement, analytics
  • Legal Obligations: Tax records, regulatory compliance
  • Consent: Marketing communications, optional cookies

5. Data Sharing

We share data with:

  • Service Providers: Supabase (hosting), Stripe (payments), SendGrid (emails)
  • Platform Users: Clients and annotators see relevant project information
  • Legal Authorities: When required by law

We do NOT sell your personal data to third parties.

6. Your Rights Under UK GDPR

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing for marketing purposes
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise your rights, contact hello@annotateai-team.com. We will respond within 30 days.

7. Data Security

  • Encryption: SSL/TLS for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication
  • Security Monitoring: 24/7 monitoring, intrusion detection
  • Regular Audits: Security assessments and vulnerability testing

8. Data Retention

  • Active Accounts: Duration of subscription + 30 days after cancellation
  • Financial Records: 6 years (UK tax law requirement)
  • Support Tickets: 3 years

9. Contact Us

ANNOTATEAI LTD
71-75 Shelton Street, Covent Garden
London, WC2H 9JQ, United Kingdom

Email: hello@annotateai-team.com

Supervisory Authority:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk/
Phone: 0303 123 1113