This Privacy Policy explains how SectorScript ("we", "us") collects, uses and protects personal data when you use our website and platform. We are a UK-based controller for account and marketing data, and a processor for the customer data you upload into the platform.
1. Data we collect
Account data
- Name, business email, company name, role
- Authentication identifiers (OAuth provider IDs, hashed credentials)
- Billing contact details (handled by our payment processor, Paddle)
Usage data
- Pages visited, features used, timestamps, device and browser info
- Error logs and diagnostic events used to keep the service running
Customer data (processed on your behalf)
- Prospect records you import or research
- Call recordings, transcripts, scripts, coaching notes
- CRM data you choose to sync
2. How we use it
- To provide, secure and improve the platform
- To bill you, send service updates and respond to support requests
- To send marketing about our product (you can opt out at any time)
- To meet legal obligations (tax, fraud prevention, compliance requests)
3. Legal bases
We rely on (a) contract to provide the service you subscribe to, (b) legitimate interests for product analytics and security, (c) consent for marketing emails and non-essential cookies, and (d) legal obligation where required.
4. Sharing
We share data only with vetted sub-processors needed to run the service (cloud hosting, AI providers for scoring/transcription, email delivery, payments). A current list of sub-processors is available on request and in the Data Processing Agreement.
5. International transfers
Customer data is stored in the United Kingdom. Where a sub-processor operates outside the UK/EEA we rely on UK International Data Transfer Agreements or Standard Contractual Clauses with supplementary measures.
6. Retention
Account data is retained while your subscription is active and for up to 30 days after cancellation, then deleted or anonymised. Customer data follows the retention you set in your workspace. You can request earlier deletion at any time.
7. Your rights
Under UK GDPR you have rights of access, rectification, erasure, restriction, portability and objection. Email privacy@sectorscriptai.com to exercise them. You can also complain to the UK ICO at ico.org.uk.
8. Security
Data is encrypted in transit (TLS 1.2+) and at rest. Access is role-based and audited. See our Security overview for more detail.
9. Cookies
We use strictly necessary cookies for authentication and CSRF protection, and (with your consent) analytics cookies to improve the product. You can manage preferences in your browser at any time.
10. Contact
SectorScript, United Kingdom. Email privacy@sectorscriptai.com.