Privacy Policy
Who we are
Telos AI is the trading name of William Robert Gouldsmith, a sole trader based in Bristol, England.
- Data controller: William Robert Gouldsmith, trading as Telos AI
- Address: Bristol, United Kingdom (full postal address available on request)
- Email: william.gouldsmith@telosai.co.uk
- Website: telosai.co.uk
For questions about this policy or your personal data, contact us at the email above.
What personal information we collect
Information you give us directly
- Your name and business name
- Your email address and phone number
- Your job title or role
- The content of any message, enquiry, or form submission
- Any information you provide when creating a portal account (business name, contact name, email, and password)
- Information provided during onboarding (business details, operational challenges, and service preferences)
- Waitlist signup details: your email address, and optionally your name and business name
Information collected automatically when you visit our website
- Your IP address
- Browser type, version, and device type
- Pages visited, time spent, and navigation path
- Referring website or search term
- General location at country and region level, derived from your IP address
Information collected through the client portal
- Login credentials (email and encrypted password, managed via Supabase Auth)
- Business performance data, leads, and metrics you or we enter on your behalf
- Communications and change requests submitted through the portal
- Billing and payment records
We do not collect special category data (health, financial, biometric, or similar sensitive information) through this website or portal.
How we use your information and our lawful basis
Under UK GDPR, we rely on the following lawful bases:
| Purpose | Data used | Lawful basis |
|---|---|---|
| Responding to enquiries and contact form submissions | Name, email, message content | Legitimate interests |
| Assessing whether our services suit your needs | All enquiry data | Legitimate interests |
| Delivering the services you have engaged us for | All client and portal data | Contract performance |
| Managing billing and payments | Business details, payment records | Contract performance |
| Maintaining the security and integrity of the portal | Auth and login data | Legitimate interests |
| Improving the website and understanding how it is used | Analytics data | Legitimate interests |
| Complying with legal obligations (tax records, etc.) | Financial records | Legal obligation |
| Sending marketing communications | Email address | Consent only |
| Operating our waitlist (storing your details and sending a confirmation) | Email, and optionally name and business name | Consent |
We will never send you marketing emails unless you have explicitly opted in. You can withdraw consent at any time by emailing us.
Joining our waitlist
If you join our waitlist, we collect the email address you submit, and optionally your name and business name. We use these details to keep you on the list and to contact you about availability.
Your signup details are stored in our database, which is hosted by Supabase. They are also processed through Resend, our email provider, which sends you a confirmation email and holds your details in our marketing audience list so we can reach out later. We rely on your consent (given when you submit the waitlist form) as our lawful basis. You can ask us to remove you from the waitlist and the audience list at any time by emailing us, and any marketing email we send will include an unsubscribe option.
Third parties who process your data
To deliver our services and operate our website, we use the following third-party processors. Each has been assessed for UK GDPR compliance:
| Provider | Purpose | Privacy information |
|---|---|---|
| Supabase | Secure database, authentication, and portal infrastructure (including waitlist signups) | supabase.com/privacy |
| Resend | Sending transactional emails (such as waitlist confirmations) and managing our marketing audience / contact list | resend.com/legal/privacy-policy |
| Stripe | Processing payments and managing billing | stripe.com/gb/privacy |
| Vercel | Hosting this website and portal | vercel.com/legal/privacy-policy |
| Google (Workspace and Analytics) | Business email, calendar, and optional website analytics | policies.google.com/privacy |
| Anthropic / OpenAI / third-party AI providers | Providing AI-powered automations to clients (data shared only as necessary to deliver agreed services) | anthropic.com/legal/privacy |
| Cal.com or Google Calendar | Managing consultation and client meeting bookings | cal.com/privacy |
We do not sell, rent, or share your personal data with any third party for their own marketing purposes. We only share data with processors as necessary to deliver the services you have engaged us for.
Where processors are based outside the UK, we ensure adequate safeguards are in place, including UK adequacy decisions or Standard Contractual Clauses.
How long we keep your information
| Data | Retention period |
|---|---|
| Website enquiries that did not become engagements | 12 months from the enquiry date |
| Client portal and service delivery data | 6 years from the end of the engagement |
| Financial records and invoices | 6 years (HMRC requirement) |
| Marketing consent records | Until consent is withdrawn, plus 12 months |
| Website analytics data | As configured in the analytics platform (typically 26 months) |
After the applicable period, data is securely deleted or anonymised.
Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Erasure (the right to be forgotten) in certain circumstances
- Restrict how we process your data in certain circumstances
- Data portability, where technically feasible
- Object to processing based on legitimate interests
- Withdraw consent at any time where we rely on consent
To exercise any right, email us at william.gouldsmith@telosai.co.uk. We will respond within one calendar month.
If you are not satisfied with how we handle your data, you have the right to complain to the ICO at ico.org.uk/make-a-complaint or by telephone on 0303 123 1113.
Cookies
We use cookies on this website. For full details of which cookies we use and how to control them, see our Cookie Policy.
Changes to this policy
We update this policy when our practices change. The date at the top of this page reflects the most recent update. Material changes will be noted on the website.
Contact us
William Robert Gouldsmith, trading as Telos AI
Email: william.gouldsmith@telosai.co.uk
Address: Bristol, United Kingdom (full postal address available on request)