Privacy Policy

1. Introduction

This Privacy Policy explains how AI SpendOps Ltd ("we", "us", "our"), a company registered in England and Wales (company number 17046015), collects, uses, and protects personal data when you use the AI SpendOps platform and visit our website.

AI SpendOps is a B2B API proxy platform that provides usage tracking, cost attribution, and governance for AI API calls. We act in a dual capacity:

• Data Controller: for account, billing, and marketing data we collect directly from you.
• Data Processor: for usage metadata generated when your API calls pass through our proxy, processed on your behalf under our Data Processing Addendum.

2. What We Collect

3. Marketing Chatbot ("Amy")

Our marketing website includes an AI-powered chat assistant called "Amy" that answers questions about AI SpendOps features, pricing, providers, and getting started. Amy is built on Anthropic's Claude large language model and is grounded in our public documentation.

Our Role

For the chatbot, AI SpendOps Ltd acts as a Data Controller under UK and EU GDPR. This is a different role from our processor role for proxy traffic (described in Section 1).

What We Process

• Chat input: the messages you type into the widget
• Hashed IP address: a one-way HMAC-SHA-256 hash of your IP, used only for rate limiting and abuse prevention
• Bot-detection signals: Cloudflare Turnstile collects browser characteristics to verify you are not an automated client
• Operational logs: request ID, message count, response status, and request duration

Recipients

• Anthropic PBC (United States) — receives your chat messages in order to generate responses. Under Anthropic's Commercial Terms of Service, your inputs and outputs are not used to train Anthropic's models. Anthropic may retain inputs for up to 30 days for trust and safety purposes. See Anthropic's privacy policy.
• Cloudflare, Inc. — provides Turnstile bot detection and edge hosting for the chat backend.

Lawful Basis

We rely on legitimate interests (UK/EU GDPR Article 6(1)(f)) to provide pre-sales product support and answer questions from website visitors. You can object to this processing at any time by not using the chat widget — the rest of the website functions without it.

Retention

We do not store chat conversations on our own systems beyond the lifetime of your browser session. Operational logs (hashed IP, message count, status) are retained for up to 90 days for security and abuse prevention. Anthropic's retention is governed by their terms (up to 30 days as noted above).

International Transfers

Chat input is transferred to Anthropic in the United States. This transfer is protected by the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and, where applicable, the EU–US Data Privacy Framework.

Your Choices

The chatbot is entirely optional. The widget is collapsed by default and only activates when you open it. To avoid all chatbot processing, simply do not open or use the widget. Your data subject rights described in Section 9 apply to chat data we hold.

4. How We Use Your Data

• Service delivery: operating the proxy, generating usage reports, and providing the management portal
• Billing: calculating charges, processing payments, and issuing invoices
• Security: authenticating requests, detecting abuse, and maintaining audit logs
• Service improvement: analysing aggregate usage patterns to improve platform reliability and features
• Communications: sending service notifications, security alerts, and (with consent) product updates
• Legal compliance: meeting regulatory, tax, and legal obligations

5. Legal Bases for Processing

Under UK and EU GDPR, we rely on the following legal bases:

• Contract performance: processing necessary to deliver our services under your subscription agreement
• Legitimate interests: improving our services, ensuring platform security, and preventing fraud, where these interests are not overridden by your rights
• Legal obligation: retaining billing records to comply with HMRC and other regulatory requirements
• Consent: where you opt in to marketing communications (you can withdraw consent at any time)

6. Data Sharing & Sub-processors

We share personal data only with the following categories of service providers, who process data on our behalf under appropriate contractual safeguards:

AI providers are not sub-processors of the proxy Service. When your API calls pass through our proxy to providers such as OpenAI, Anthropic, or Google, those providers process your data under your own agreement with them. We do not control or determine the purposes of that processing.

Note: this section covers sub-processors for the AI SpendOps proxy product. The marketing-site chatbot uses Anthropic and Cloudflare Turnstile in a separate processing relationship described in Section 3.

7. International Data Transfers

Your data may be transferred to and processed in the following jurisdictions:

• United Kingdom: our primary place of business
• European Economic Area: covered by UK adequacy regulations
• United States: covers payment processing (Stripe) and the marketing chatbot (Anthropic). Transfers protected by Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and, where applicable, the EU–US Data Privacy Framework
• Global edge locations: Cloudflare processes data at the nearest edge node; all data in transit is encrypted with TLS

8. Data Retention

9. Your Rights

Under UK and EU GDPR, you have the following rights with respect to personal data for which we are the controller:

• Access: request a copy of the personal data we hold about you
• Rectification: request correction of inaccurate or incomplete data
• Erasure: request deletion of your personal data, subject to legal retention requirements
• Restriction: request that we restrict processing of your data in certain circumstances
• Portability: receive your data in a structured, commonly used, machine-readable format
• Objection: object to processing based on legitimate interests
• Automated decision-making: we do not use your personal data for automated decision-making or profiling that produces legal effects

To exercise any of these rights, please contact us through our contact form. We will respond within one month.

10. Cookies

Marketing website: We use strictly necessary cookies (e.g. Cloudflare Turnstile bot-detection tokens, loaded only when the chat widget is opened) and, with your consent, Google Analytics cookies. We do not use advertising or cross-site tracking cookies. See our Cookie Policy for the full list.

Management portal: We use session cookies to maintain your authenticated session and preferences. These are strictly necessary for the portal to function.

11. Security

We implement appropriate technical and organisational measures to protect your data, including:

• HMAC-SHA-256 hashing of API keys (never stored in plain text)
• TLS encryption for all data in transit
• Encryption at rest for all stored data
• No storage of prompts, completions, or AI-generated content
• Enterprise-grade infrastructure (Cloudflare, Microsoft Azure)
• Role-based access control and audit logging

For more details, see our Security page.

12. Regional Supplements

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email to the address associated with your account and/or by a prominent notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of our services after changes take effect constitutes acceptance of the updated policy.

14. Contact & Complaints

If you have questions about this Privacy Policy or wish to exercise your rights:

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):