Privacy Policy - Your Data Protection with CatchIt

Privacy Policy

Privacy Policy – CatchIt

Last Updated: 01/06/2026
Effective Date: 01/06/2026

1. Introduction

This Privacy Policy describes how CatchIt (“CatchIt”, “we”, “us”, or “our”) collects, uses, stores, and protects personal data in connection with our website, applications, and AI-powered communication services.

CatchIt provides AI-driven customer communication infrastructure, including AI receptionist services, automated SMS responses, call handling, and business messaging automation (“Services”).

We are committed to safeguarding personal data and operating in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller Information

CatchIt acts as the data controller for personal data processed through our website and customer onboarding systems, and as a data processor when delivering services on behalf of business clients.

Data Controller: CatchIt
Contact Email: [Insert Email]
Website: [Insert URL]

3. Categories of Personal Data We Process

We process personal data strictly as required to deliver, maintain, and improve our Services.

3.1 Client and Account Data

  • Full name
  • Email address
  • Telephone number
  • Business or trading name
  • Billing and payment details
  • Account credentials and usage metadata

3.2 End-User Communication Data (Client Customers)

When our Services are deployed by business clients, we may process:

  • Inbound and outbound SMS message content
  • Call metadata and call recordings (where enabled)
  • AI-generated call transcripts and summaries
  • Appointment, enquiry, or booking information
  • Customer interaction history

3.3 Technical and Usage Data

  • IP address and device identifiers
  • Browser type and operating system
  • Log files and access timestamps
  • Usage analytics and performance telemetry
  • Cookie identifiers and session data

4. Purpose and Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contractual Necessity: to provide and maintain the Services agreed with clients
  • Legitimate Interests: to operate, secure, optimise, and improve platform performance
  • Consent: for marketing communications and optional features where required
  • Legal Obligation: compliance with applicable legal, tax, and regulatory requirements

We ensure all processing activities are proportionate, necessary, and aligned with user expectations.

5. Use of Personal Data

Personal data may be used for the following purposes:

  • Provision and operation of AI receptionist and messaging services
  • Automated response generation via AI systems
  • Routing, handling, and summarisation of communications
  • Account creation, authentication, and administration
  • Service monitoring, debugging, and performance optimisation
  • Fraud prevention, abuse detection, and system security
  • Customer support and service communications
  • Compliance with applicable legal obligations

6. Data Processing on Behalf of Clients

Where CatchIt processes data on behalf of business clients, such clients act as the data controller, and CatchIt operates as a data processor.

In such cases:

  • We process data strictly in accordance with client instructions
  • We do not use client data for independent purposes
  • We implement appropriate technical and organisational safeguards
  • We assist clients in meeting their GDPR obligations where required

7. Data Sharing and Subprocessors

We do not sell personal data under any circumstances.

We may share data with carefully selected third-party subprocessors solely to deliver and improve the Services, including:

  • Telecommunications providers (e.g. SMS and voice routing services such as Twilio or equivalents)
  • Cloud infrastructure providers
  • Payment processors
  • Analytics and monitoring providers
  • Security and fraud prevention services

All subprocessors are bound by contractual obligations requiring compliance with applicable data protection standards.

8. International Data Transfers

Where personal data is transferred outside the United Kingdom or European Economic Area, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • Adequacy regulations where applicable
  • Equivalent legal safeguards ensuring data protection continuity

9. Data Retention

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, including:

  • Delivery of contracted Services
  • Legal, regulatory, and accounting obligations
  • Dispute resolution and enforcement of agreements

Upon termination of services or verified deletion requests, data is securely deleted or anonymised, subject to legal retention requirements.

10. Data Security

We implement industry-standard technical and organisational measures to protect personal data, including:

  • Encryption of data in transit and at rest
  • Role-based access controls and least-privilege principles
  • Secure cloud infrastructure
  • Continuous monitoring and audit logging
  • Regular security reviews and system testing

While we take all reasonable precautions, no system can guarantee absolute security.

11. Automated Decision-Making and AI Processing

CatchIt utilises artificial intelligence systems to facilitate automated communication workflows, including:

  • AI-generated SMS responses
  • Automated call handling and transcription
  • Enquiry classification and routing
  • Message summarisation and scheduling support

These systems are designed to assist human workflows rather than replace human oversight entirely. Clients are responsible for configuring appropriate usage parameters.

12. Your Rights Under UK GDPR

Where applicable, individuals may exercise the following rights:

  • Right of access to personal data
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

Requests may be submitted to: CATCHIT.UK

We will respond to all verified requests in accordance with applicable legal timeframes.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session functionality
  • Analyse platform usage and performance
  • Improve user experience and system reliability

Users may manage cookie preferences through browser settings or applicable consent tools.

14. Third-Party Services

Our Services may integrate with third-party infrastructure providers to enable functionality, including but not limited to:

  • Telecommunications and messaging APIs
  • Cloud hosting and storage providers
  • Payment processing systems
  • Analytics and observability tools

These providers process data only as necessary to perform their contracted services.

15. Changes to This Policy

We may update this Privacy Policy periodically to reflect operational, legal, or regulatory changes. Material updates will be communicated via our website or customer dashboard where appropriate.

 

©Copyright. All rights reserved.

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.