Privacy Policy

Alternate Text

Policies

Privacy Policy

Stealth Robotics ("we," "us," or "our") is committed to protecting the privacy of our customers and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our remote robotics software solutions and related services.

By using our services and providing your personal data, you confirm that you have read and understood this Privacy Policy. You consent to the collection, use, and processing of your personal information as described in this Privacy Policy.

You acknowledge that your consent is given freely, specifically, and informedly, and that you may withdraw consent at any time by contacting us at [contact@stealthrobotics.co.uk].

1. Personal Data

1.1 Where necessary, we collect information from you that enables you to be identified as an individual, such as the names and contact details of representatives from your company, including email addresses, phone numbers, and addresses. This kind of information is defined in the GDPR as personal data. The terms “personal data” and “personal information” are used interchangeably throughout this privacy policy. Stealth Robotics complies with the Data Protection Act 2018 (DPA 2018), the UK General Data Protection Regulation (UK GDPR), and the GDPR, ensuring that your personal data is processed lawfully, fairly, and transparently.

1.2 Generally, the type of personal data we collect is the information that we need to enable you to use our access our Services and fulfil our contractual obligations to you. To minimise the impact on your privacy, we will never knowingly collect more personal data than is strictly necessary to perform the activities described in this privacy policy.

2. Information We Collect

2.1 Company Information

We may collect company-specific information such as:

  1. a) Company name and registration details;
  2. b) Business address and contact information;
  3. c) Industry sector and type of robotics used.

2.2 Personal Information

We collect personal information from business representatives, including:

  1. a) Names and contact details;
  2. b) Job titles and departments;
  3. c) User account credentials.

3. Payment Processing and Billing

3.1 To process payments, we collect:

  1. a) Billing address;
  2. b) Payment method details (processed securely through our payment processor);
  3. c) Transaction history.

3.2 Automated Billing

By subscribing to our services, you consent to automatic billing. Depending on your chosen plan, we will automatically charge your payment method on a monthly or annual basis.

3.3 Payment Processing

We use [Stripe] to process all payments. Our payment processor has its own privacy policy governing the handling of your payment information: [https://stripe.com/gb/privacy]. We do not store your credit card information directly. We retain payment records (transaction IDs, amounts, dates) for accounting and legal compliance.

3.4 Payment Data Retention

  1. a) Transaction records are kept for 6 years as required by UK tax law.
  2. b) Failed payment attempts are recorded for 13 months to manage recurring billing.
  3. c) Billing addresses are retained for the duration of the active subscription and for 6 years after the last transaction for tax purposes.

4. Technical Data

4.1 We collect technical data related to how you interact with our services, including:

  1. a) IP addresses;
  2. b) Browser type and version;
  3. c) Operating system;
  4. d) Time zone setting and location;
  5. e) Log data related to software usage.

5. How We Use Your Information

5.1 We use the collected information for the following purposes:

  1. a) Providing and maintaining our services;
  2. b) Processing payments and managing subscriptions;
  3. c) Communicating about service updates and offers;
  4. d) Responding to inquiries and customer support;
  5. e) Improving our software and services;
  6. f) Complying with legal obligations.

6. Legal Basis for Processing

6.1 Under GDPR, we process your data based on:

  1. a) Contract performance;
  2. b) Legal obligations;
  3. c) Legitimate business interests;
  4. d) Consent (where applicable).

7. Data Sharing and Disclosure

7.1 We may share your information with:

  1. a) Payment processors for billing purposes;
  2. b) Cloud service providers for hosting;
  3. c) Professional advisers when necessary;
  4. d) Law enforcement when required by law.

7.2 We do not sell your personal data to third parties.

8. Data Security

8.1 We implement appropriate technical and organizational measures to secure your data, including:

  1. a) Encryption of data in transit and at rest;
  2. b) Regular security assessments;
  3. c) Access controls and authentication;
  4. d) Staff training on data protection.

9. Detailed Data Processing Activities

9.1 Automated Processing Techniques

We employ various automated processing methods, including:

  1. a) Machine learning algorithms for predictive maintenance;
  2. b) Statistical analysis for performance optimisation;
  3. c) Automated anomaly detection;
  4. d) Real-time data processing for system monitoring.

9.2 Processing Technologies

Our systems utilise:

  1. a) Edge computing for real-time processing;
  2. b) Cloud-based analytics platforms;
  3. c) Distributed database systems;
  4. d) API integrations with client systems.

9.3 Aggregated Data Analysis

We may use aggregated, anonymised data for:

  1. a) Service improvement;
  2. b) Industry benchmarking;
  3. c) Research and development;
  4. d) Trend analysis and reporting.
  5. e) Client data used for these purposes is:
  6. f) Thoroughly anonymised;
  7. g) Aggregated across multiple clients;
  8. h) Stripped of any identifying characteristics.

10. Data Retention

10.1 We retain your data for as long as necessary to:

  1. a) Provide our services;
  2. b) Comply with legal obligations;
  3. c) Resolve disputes;
  4. d) Enforce agreements.

11. Automated Decision Making

11.1 We may use automated decision making for:

  1. a) Subscription management;
  2. b) Fraud prevention.

12. Children’s Privacy

12.1 Our services are not intended individuals under 18 years of age. We do not knowingly collect data from children.

13. Incident Response and Data Breaches

13.1 Incident Classification

We classify security incidents based on:

  1. a) Type of data affected;
  2. b) Number of individuals impacted;
  3. c) Potential harm to data subjects;
  4. d) System availability impact.
  5. e) Severity levels
  1. I. Critical- Immediate response required;
  2. II. High- Response within 2 hours;
  3. III. Medium- Response within 24 hours;
  4. IV. Low- Response within 48 hours.

13.2 Notification Procedures

13.2.1 Client Notification

We will notify affected clients:

  1. a) Without undue delay;
  2. b) Within 24 hours of breach discovery;
  3. c) With regular updates as the investigation progresses;

13.2.2 Notification includes:

  1. a) Nature of the breach;
  2. b) Categories of data affected;
  3. c) Approximate number of records affected;
  4. d) Likely consequences;
  5. e) Measures taken or proposed.

13.2.3 Regulatory Notification

We will notify the ICO:

  1. a) Within 72 hours of becoming aware of a breach;
  2. b) Unless the breach is unlikely to result in risk to rights and freedoms;
  3. c) With all information required by GDPR Article 33.

13.3 Incident Response Team

Our dedicated incident response team includes:

  1. a) Data Protection Officer;
  2. b) IT Security Specialists;
  3. c) Legal Counsel;
  4. c) Client Support Representatives.

13.4 Response and Recovery Procedures

13.4.1 Immediate Response

  1. a) Incident containment;
  2. b) Evidence preservation;
  3. c) Impact assessment;
  4. d) Stakeholder notification.

13.4.2 Investigation

  1. a) Root cause analysis;
  2. b) Extent of breach determination;
  3. c) Data exposure assessment;
  4. d) Timeline reconstruction.

13.4.3 Remediation

  1. a) Security vulnerability patching;
  2. b) System hardening;
  3. c) Policy and procedure updates;
  4. d) Staff training improvements.

13.5 Post-Incident Activities

  1. a) Detailed incident reports for clients;
  2. b) Lessons learned documentation;
  3. c) Implementation of preventive measures;
  4. d) Review and update of security protocols.

13.6 Business Continuity

  1. a) Redundant systems for critical functions;
  2. b) Data backup and recovery procedures;
  3. c) Alternative communication channels;
  4. d) Regular disaster recovery testing.

14. Documentation and Compliance

14.1 Incident Documentation

We maintain detailed records of all incidents:

  1. a) Incident logs and timeline;
  2. b) Response actions taken;
  3. c) Communication records;
  4. d) Post-incident analysis reports.

14.2 Regular Testing

We conduct regular:

  1. a) Penetration testing;
  2. b) Vulnerability assessments;
  3. c) Incident response drills;
  4. d) Recovery procedure testing.

15. International Data Transfers

15.1 Data Storage Locations:

  1. a) Primary data storage: [England];

15.2 Transfer Mechanisms

For transfers outside the UK/EEA, we rely on:

  1. a) UK Adequacy Regulations;
  2. b) Standard Contractual Clauses (SCC);
  3. c) Binding Corporate Rules (if applicable).

15.3 Transfer Safeguards

We implement additional safeguards:

  1. a) End-to-end encryption for data in transit;
  2. b) Data minimisation principles;
  3. c) Regular transfer impact assessments;
  4. d) Contractual commitments from recipients.

15.4 International Access Controls

  1. a) Strict access controls for international staff;
  2. b) Data access logging and monitoring;
  3. c) Regular audits of international data access;
  4. d) Geofencing of sensitive data where required.

16. Cookies and Tracking

16.1 We use cookies and similar technologies for:

  1. a) Essential functionality;
  2. b) Performance monitoring;
  3. c) User experience improvement.

16.2 You can manage cookie preferences through your browser settings.

17. Your Rights

17.1 Under GDPR and UK data protection law, you have the right to:

  1. a) Access your personal data;
  2. b) Rectify inaccurate data;
  3. c) Erase your data (in certain circumstances);
  4. d) Restrict processing;
  5. e) Data portability;
  6. f) Object to processing;
  7. g) Withdraw consent.

17.2 To exercise these rights, contact us at [contact@stealthrobotics.co.uk].

18. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes and obtain consent where required.

19. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

  1. Website: www.ico.org.uk
  2. Phone: 0303 123 1113.