BACKGROUND:
KAI Conversations Limited ("we", "us", "our") understands that your privacy is important and we care about how your personal data is used. We respect and value the privacy of everyone whose data we process and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.
This Privacy Notice is for all individuals whose personal data we process, including contacts at our client companies and participants in conversations recorded as part of our services.
1. Information About Us
• Company Name: KAI Conversations Limited
• Company Number: 12591508 (Registered in England)
• Registered Address: 1 The Byre, Frogmill Court, Blackboy Lane, Hurley, SL6 5NS
• Data Protection Contact: David Naylor
2. What Does This Notice Cover?
This Privacy Notice explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
3. What Is Personal Data?
Personal data is defined by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 as 'any information relating to an identifiable person who can be directly or indirectly identified'.
In simpler terms, it is any information about you that enables you to be identified. This includes obvious information like your name and contact details, but also less obvious information such as facial imagery, your voice, identification numbers, and other online identifiers.
4. What Are My Rights?
Under data protection law, you have the following rights, which we will always work to uphold:
a) The right to be informed about our collection and use of your personal data. b) The right to access the personal data we hold about you (see Section 11). c) The right to rectification if any of your personal data is inaccurate or incomplete. d) The right to erasure (the "right to be forgotten"), asking us to delete any of your personal data that we hold. e) The right to restrict the processing of your personal data. f) The right to object to us using your personal data for a particular purpose. g) The right to withdraw consent at any time, where we are relying on consent as our legal basis. h) The right to data portability, allowing you to ask for a copy of your personal data to re-use with another service. i) Rights relating to automated decision-making and profiling. We do not currently use your data for these purposes.
For more information about exercising your rights, please contact us using the details in Section 12. You can also find further information from the Information Commissioner’s Office (ICO).
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK's supervisory authority for data protection issues. We would, however, appreciate the chance to resolve your concerns ourselves first, so please contact us using the details in Section 12.
5. What Personal Data Do You Collect?
We may collect some or all of the following personal data, depending on your use of our services:
Data Collected | How We Collect the Data |
|---|---|
Facial image data | Interaction video recordings |
Conversational speech data, which may include your name, job title, place of work, and other personal details shared during discussion. | Interaction audio recordings |
User full name and email address (for client contacts) | Project setup documentation |
We may also obtain information from other sources (such as from our clients) and combine that with information we collect through our services.
6. How and Why Do You Use My Personal Data? (Our Purposes and Lawful Basis)
Data protection law requires us to have a valid lawful basis for using your personal data. We use your data for the purposes listed below:
- To Provide Analytical Insights to Our Clients
- What this means: We analyse the facial and speech data from recorded sessions to provide our client (e.g., your employer) with data-driven feedback on communication patterns. This is used for professional development, such as training and coaching. Final reports provided to the client are aggregated and anonymised wherever possible to protect individual privacy.
- Data Used: Facial image data, Conversational speech data.
- Our Lawful Basis: Legitimate Interests. We have a legitimate commercial interest in fulfilling our service agreement with our client. We have assessed that this interest is not overridden by your rights, as the purpose is professional development and we apply significant safeguards to protect your privacy.
- To Improve Our Services and AI Models
- What this means: We use anonymised and aggregated data to identify broad communication trends. This helps us improve the accuracy of our analysis models and the overall quality of our service. No individual can be identified from this analysis.
- Data Used: Anonymised facial and speech data.
- Our Lawful Basis: Legitimate Interests. We have a legitimate interest in improving our commercial product to remain competitive and provide a better service for all clients.
- To Manage Our Client Accounts and Communications
- What this means: If you are our point of contact at a client company, weuse your name and email address to manage our contract, providesupport, and handle billing.
- Data Used: User full name and email address.
- Our Lawful Basis: Performance of a Contract. We need this informationto deliver the service you have purchased from us.
We will only use your personal data for the purposes for which it was collected, unless we reasonably believe that another purpose is compatible with the original one.
7. How Long Will You Keep My Personal Data?
We will not keep your personal data for longer than is necessary. Your data will be kept for the following periods:
Type of Data | How Long We Keep it |
|---|---|
Interaction video recording. | No more than 6 months after end of client contractual relationship. |
Interaction audio recording. | No more than 6 months after end of client contractual relationship. |
Interaction text transcriptions of audio recordings without PII redacted. | No more than 6 months after end of client contractual relationship. |
Interaction text transcriptions of audio recordings with PII redacted. | No fixed period. |
User full names and email addresses. | No more than 6 months after end of client contractual relationship. |
8. How and Where Do You Store or Transfer My Personal Data?
We primarily store your personal data in the UK and the European Economic Area (EEA). This means it is fully protected under the UK GDPR and/or equivalent standards.
International Transfers: For the purposes outlined in this notice, we may use sub-processors located outside the UK/EEA. Where we transfer your data to a country not deemed to provide an adequate level of data protection, we will ensure that appropriate safeguards are in place. This will be done through legally-approved mechanisms such as the UK’s International Data Transfer Agreement (IDTA).
9. Keeping Your Data Secure
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. These measures include:
- Encryption: All personal data is encrypted both in transit (as it travels over the internet) and at rest (when it is stored on our servers).
- Access Controls: We limit access to your personal data to those employees and sub-processors who have a business need to know. They will only process your data on our instructions and are subject to a duty of confidentiality.
- Security Procedures: We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. Do You Share My Personal Data?
We will not share your personal data with any third parties for their own purposes, subject to these exceptions:
- Sub-Processors: We may share data with trusted third parties who process it on our behalf to provide our services (e.g., cloud hosting providers). They are contractually bound to protect your data and only use it for the purposes we specify.
- Business Transfers: If we sell, transfer, or merge parts of our business, your data may be transferred to the new owner, who may use it in the same ways as described in this notice.
- Legal Requirements: In limited circumstances, we may be legally required to share personal data to comply with a court order or instructions from a government authority.
11. How Can I Access My Personal Data?
You can ask for details of the personal data we hold about you by making a "subject access request". All requests should be made in writing to the contact details in Section 12. While you do not have to use it, we can provide a form to make this process easier.
We will respond to your request within one month. This is normally free of charge, but we may charge a reasonable fee for requests that are manifestly unfounded or excessive.
12. How Do I Contact You?
To contact us about your personal data and data protection, please use the following details:
- For the attention of: David Naylor
- Email: davidn@kaiconversations.com
- Telephone: +447824397097
- Address: 1 The Byre, Frogmill Court, Blackboy Lane, Hurley, SL6 5NS
13. Changes to this Privacy Notice
We may update this notice from time to time, for example, if the law changes or if we change our business. Any changes will be posted on our website.
Last Updated: 25th June 2025