Legal

Privacy Policy

Last updated: March 2026  ·  CopyWise Hub Limited  ·  Company No. 16156530

1. Who We Are

CopyWise Hub Limited ("CopyWise", "we", "us", "our") is a company registered in England and Wales under company number 16156530, incorporated on 30 December 2024. We provide AI-driven finance and operations automation services to small and medium-sized enterprises (SMEs).

For all data protection matters, we act as the data controller in respect of personal data collected via our website and in the course of providing our services.

Contact us regarding any privacy matter at: privacy@copywisehub.com

2. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our website at copywisehub.com
  • Prospective clients who book a discovery call or make an enquiry
  • Clients and contacts with whom we engage in the delivery of our services
  • Any individual whose personal data we process in connection with our business activities

This policy has been prepared in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).

3. Data We Collect and How We Collect It

3.1 Website Visitors

Our website (copywisehub.com) does not use cookies or tracking technologies beyond what is necessary for core website functionality. We do not operate Google Analytics or any third-party advertising trackers on our site.

Our website is hosted via Vercel. Vercel may collect standard server-level access logs (IP addresses, browser type, page requests) as part of its infrastructure operations. Please refer to Vercel's privacy policy for further information.

3.2 Calendly Booking Data

If you book a discovery call or meeting via our Calendly integration, Calendly will collect your name, email address, and any other information you choose to provide in the booking form. This data is processed by Calendly in accordance with their own privacy policy. We receive and retain the booking information to facilitate our call and any subsequent engagement.

3.3 Business Communications

When you contact us via email or LinkedIn, we collect your name, email address, business details, and the content of your communications for the purpose of responding to your enquiry and assessing whether our services are a suitable fit.

3.4 Call Recordings

We use Fathom, an AI notetaking tool, to record and summarise discovery and client calls. Fathom joins calls as a visible participant ("Fathom Notetaker"), which makes the recording apparent to all participants. By remaining on the call following the appearance of the Fathom Notetaker, participants acknowledge that the session is being recorded.

Call summaries are stored within Fathom and may also be saved to our internal Notion workspace. Recordings are used solely for the purposes of follow-up, service delivery, and internal reference.

3.5 Service Delivery Data

In the course of delivering automation services, we may process business data provided by clients, which may include financial records, operational data, or other commercially sensitive information. Where such data includes personal data (for example, employee names or contact details within financial records), we act as a data processor on behalf of the client. This is governed by a separate Data Processing Agreement (DPA) between CopyWise Hub Limited and the relevant client.

4. Legal Basis for Processing

We rely on the following lawful bases under UK GDPR Article 6:

  • Legitimate interests (Article 6(1)(f)): to respond to enquiries, manage business relationships, improve our services, and conduct outreach to prospective clients who may benefit from our services
  • Contract (Article 6(1)(b)): to fulfil our obligations under a service agreement with a client
  • Legal obligation (Article 6(1)(c)): where processing is required to comply with applicable law
  • Consent (Article 6(1)(a)): where we have obtained your explicit consent, for example in connection with specific communications

5. How We Use Your Data

We use the personal data we collect to:

  • Respond to enquiries and schedule discovery calls
  • Assess suitability and scope for potential engagements
  • Deliver agreed automation services to clients
  • Maintain internal records of calls and project notes
  • Conduct business development and targeted outreach via LinkedIn
  • Comply with our legal and regulatory obligations

We do not use your personal data for automated decision-making or profiling in any way that produces legal or similarly significant effects.

6. Third-Party Tools and Sub-Processors

In the course of operating our business and delivering services, we use the following third-party tools that may process personal data on our behalf:

CalendlyCalendly LLC, US — meeting scheduling and booking management
FathomFathom Video Inc., US — call recording and AI-generated meeting summaries
NotionNotion Labs Inc., US — internal knowledge management and note storage
Google WorkspaceGoogle LLC, US — email (Gmail), document storage (Google Drive), and spreadsheet management (Google Sheets)
Anthropic Claude APIAnthropic PBC, US — AI language model used within automation workflows
OpenAI APIOpenAI OpCo LLC, US — AI language model used within automation workflows
HostingerHostinger International Ltd, Cyprus — email hosting
VercelVercel Inc., US — website hosting and deployment
LinkedIn / Sales NavigatorLinkedIn Corporation, US — professional outreach and lead identification
n8nSelf-hosted, UK — automation workflow engine, operated on local infrastructure within the United Kingdom

Where these providers are based outside the UK or EU, we rely on appropriate transfer mechanisms including Standard Contractual Clauses (SCCs) or adequacy decisions where applicable. All sub-processors listed above operate under their own published data processing terms, which we have reviewed and accepted where required.

7. International Data Transfers

CopyWise Hub Limited operates as a UK-based business and serves clients in the United Kingdom, United States, India, and other jurisdictions. Some of our sub-processors are based in the United States.

Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place in accordance with Chapter V of the UK GDPR. This includes reliance on:

  • UK adequacy regulations for countries deemed adequate by the UK Secretary of State
  • International data transfer agreements (IDTAs) or Standard Contractual Clauses (SCCs) as applicable
  • Sub-processor data processing agreements that include appropriate transfer mechanisms

The UK has determined that transfers to certain countries, including the US under specific frameworks, may be made subject to appropriate safeguards. We keep our transfer mechanisms under review as the regulatory landscape evolves.

8. Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. Our general retention approach is as follows:

  • Enquiry and contact data: retained for up to 24 months from last contact, or until you request deletion
  • Call recordings and summaries: retained for the duration of any associated engagement plus 12 months, unless otherwise agreed
  • Client project data: retained for the duration of the engagement and for a period of up to 6 years thereafter in accordance with UK legal and tax record-keeping obligations
  • Marketing and outreach records: retained until you object to processing or until we determine the contact is no longer relevant

Where data is processed on behalf of a client (as data processor), retention is governed by the applicable Data Processing Agreement with that client.

9. Data Security

We take the security of personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or disclosure. These include:

  • Access controls limiting who can view client and prospect data
  • Use of encrypted communication channels for business correspondence
  • Self-hosted automation infrastructure (n8n) operated on UK-based hardware with access-restricted environments
  • Use of anonymised or synthetic data during development and testing phases, with live client data processed only within agreed environments
  • Contractual obligations placed on sub-processors to maintain equivalent security standards

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of it, and affected individuals where required.

10. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

Right of accessRequest a copy of the personal data we hold about you.
Right to rectificationRequest correction of inaccurate or incomplete data.
Right to erasureRequest deletion of your data where there is no lawful reason to continue processing it.
Right to restrictionRequest that we limit how we use your data in certain circumstances.
Right to data portabilityReceive your data in a structured, commonly used format where processing is based on consent or contract.
Right to objectObject to processing based on legitimate interests, including direct marketing.
Automated decision-makingWe do not carry out solely automated decision-making with legal or significant effects.

To exercise any of these rights, please contact us at privacy@copywisehub.com. We will respond within one calendar month of receiving your request. We may ask you to verify your identity before processing your request.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

11. Cookies

Our website does not currently use cookies for tracking, analytics, or advertising purposes. If this changes, this policy will be updated and a cookie notice will be displayed on the website accordingly.

12. Children's Data

Our services are directed exclusively at business clients and professional contacts. We do not knowingly collect or process personal data relating to individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us immediately at privacy@copywisehub.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. The most current version will always be available on our website at copywisehub.com/privacy. We will indicate the date of the last update at the top of this document.

Material changes will be communicated to active clients directly. Continued use of our services following any update constitutes acceptance of the revised policy.

14. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:

CopyWise Hub Limited

Registered in England and Wales | Company No. 16156530

Email: privacy@copywisehub.com

Website: copywisehub.com