Privacy Policy

1) Who we are and how to contact us

MYR AI Solutions Ltd is a UK-based consultancy specializing in practical artificial intelligence, analytics, and automation services for business clients. For the purposes of the UK General Data Protection Regulation (UK GDPR) and the EU GDPR where applicable, MYR AI Solutions Ltd is the Data Controller for personal data collected through this website and related communication channels. Our registered contact details are: MYR AI Solutions Ltd, 12 Baker Street, London, W1U 3BH, United Kingdom. General contact: [email protected]. Privacy-specific enquiries: [email protected]. You can also reach us by phone at +44 20 3966 2048. We respond to privacy requests within one month whenever possible and always within the timelines required by law.

2) What personal data we collect

We collect only the data that we need to provide our services, operate this website, and communicate with you. The categories of personal data we may process include: identification and contact details such as full name, company, job title, email address, and phone number; communications content that you share in enquiry forms or emails; marketing preferences and newsletter subscription status; technical and usage data such as IP address, device identifiers, browser type, operating system, pages viewed, time spent, referring URLs, and interactions with on-page elements; cookie identifiers and similar tracking data that help us remember your preferences and understand how visitors use the site; and limited business context information you provide about your goals or requirements when requesting a discovery call. We do not intentionally collect special category data such as health, biometric, or political information through this website.

3) How we collect data

We collect data in four primary ways. First, you may provide it directly by completing a web form, subscribing to our newsletter, downloading a resource, or emailing us. Second, we collect certain technical data automatically through cookies and similar technologies when you browse our site; these analytics tools help us measure traffic and improve usability. Third, our servers generate logs for security and performance that may include your IP address and user agent. Fourth, if you engage us for services, we may collect additional business contact details during onboarding via secure channels. Where optional fields are presented, you can choose what to share. You can browse most of our site without providing personal data, and non-essential cookies are used only with your consent via the cookie banner.

4) Lawful bases for processing

We rely on different legal bases depending on the context of processing, consistent with Article 6 of the UK/EU GDPR. Consent (Art. 6(1)(a)): for sending marketing emails and newsletters, setting non-essential analytics or marketing cookies, and contacting you about educational resources when you opt in. Contract (Art. 6(1)(b)): to take steps at your request prior to entering into a contract (for example, responding to an enquiry or scheduling a discovery call) and to perform our obligations if you become a client. Legitimate interests (Art. 6(1)(f)): to secure our website, prevent fraud and abuse, measure and improve site performance, and communicate with corporate contacts about our services in a way that is respectful and proportionate. Legal obligation (Art. 6(1)(c)): to comply with tax, accounting, and regulatory requirements, and to respond to lawful requests from public authorities. Where we rely on legitimate interests, we balance our interests against your rights and expectations and implement safeguards such as data minimisation and opt-out options.

5) How we use personal data

We use personal data to operate and improve our website, deliver requested content, and provide services. Typical purposes include: responding to messages and discovery call requests; sending newsletters and updates when you subscribe; providing access to resources such as guides and checklists; analysing aggregated traffic to understand which pages are most helpful; maintaining the security and integrity of our systems; complying with legal and contractual requirements; and maintaining business records. We do not make automated decisions that produce legal or similarly significant effects on individuals. Any profiling for marketing is limited to simple segmentation such as newsletter interest categories and occurs only with consent. We never sell personal data.

6) Data retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy or to meet legal, accounting, or reporting requirements. Specific retention periods are as follows: form submissions and enquiry correspondence are retained for up to 2 years from last interaction; newsletter subscription data is kept until you unsubscribe plus 30 days to complete suppression and auditing; analytics data collected via cookies is retained for up to 14 months; server logs used for security and diagnostics are retained for up to 90 days; contract and invoicing records are retained for up to 7 years to meet statutory obligations. When retention periods expire, data is securely deleted or anonymised. You may request deletion earlier where we process data based on consent and no overriding legal obligation requires continued retention.

7) Sharing and disclosure

We share personal data only with trusted service providers and only to the extent necessary for them to perform services on our behalf, under written agreements that include confidentiality and data protection obligations. Categories of recipients include: website hosting and infrastructure providers; email delivery platforms for transactional and newsletter communications; analytics providers for aggregated website usage metrics; productivity and customer relationship tools we use to manage enquiries; and professional advisors such as accountants or legal counsel when needed. If we are involved in a business reorganisation or legal process, data may be disclosed where strictly required by law. We do not sell or rent personal data. If we ever intend to use data for a materially different purpose, we will request your consent where required or provide a clear opt-out.

8) International data transfers

Our primary data processing takes place in the United Kingdom and the European Economic Area. Some of our service providers may process data in other countries, including the United States. Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place. Depending on the provider and location, we rely on one or more of the following mechanisms: the UK/EU Standard Contractual Clauses with the UK Addendum as applicable; an adequacy decision by the UK Government or European Commission; or the EU-U.S. Data Privacy Framework and its UK Extension where the recipient is certified. We also apply additional safeguards such as access controls, encryption in transit, and data minimisation. Copies of relevant transfer mechanisms can be requested by contacting [email protected].

9) Your rights

You have the following rights under the UK/EU GDPR, subject to certain exceptions: right of access to the personal data we hold about you; right to rectification if information is inaccurate or incomplete; right to erasure in certain circumstances, for example when data is no longer necessary or consent is withdrawn; right to restrict processing while a complaint is investigated or where accuracy is contested; right to data portability for information you provided to us with consent or under a contract, delivered in a commonly used format; right to object to processing based on legitimate interests or for direct marketing; and the right to withdraw consent at any time where processing is based on consent. To exercise your rights, contact us at [email protected]. We may request additional information to verify your identity and protect your data. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). We would appreciate the chance to address your concerns first.

10) Cookies and similar technologies

Cookies are small files placed on your device that help websites function and improve user experience. We categorise cookies as strictly necessary, analytics, and marketing. Strictly necessary cookies enable core features such as page navigation, load balancing, and form security; they are always active and generally expire at the end of the session or within a few days. Analytics cookies collect aggregated, pseudonymous statistics about how visitors use our site, such as page views and time on page; these are set only with your consent through our cookie banner and typically last up to 14 months. Marketing cookies help measure the performance of our promotional activities and may be used to limit the frequency of seeing an ad; these are optional and, when used, usually expire within 3 months unless you clear them sooner. You can manage preferences through the cookie banner presented on your first visit, revisit the banner by clearing site cookies, or control cookies in your browser settings. Disabling certain cookies may impact site performance but should not block access to our core content.

11) Children’s privacy

Our website, resources, and services are intended for business users and are not directed to children. We do not knowingly collect personal data from anyone under the age of 16. If you are a parent or guardian and believe a child has provided us with personal data without your consent, please contact us at [email protected]. If we discover that we have collected personal data from a minor without appropriate consent, we will take reasonable steps to delete such data promptly.

12) Security measures

We implement technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption in transit using HTTPS/TLS, role-based access controls, least-privilege permissions, regular update practices, logging and monitoring of access, and vendor due diligence. We train our staff on confidentiality and data handling, and we restrict access to personal data to personnel who need it to perform their job functions. While no method of transmission or storage is completely secure, we continually assess risks and update controls in line with industry standards and legal requirements.

13) Marketing communications

We send newsletters and educational updates only when you actively subscribe or where permitted for business contacts. Every email includes an unsubscribe link that immediately removes you from future marketing mailings. If you unsubscribe, we keep a minimal suppression record to ensure we respect your choice. We may follow up on resource downloads when you opt in for related content. You can change your preferences at any time by using the unsubscribe link or by emailing [email protected]. We do not use sensitive personal data for marketing and do not conduct invasive targeting on this site.

14) Third-party links

Our website may include links to third-party resources for convenience and additional context. Clicking those links may allow third parties to collect or share data about you under their own policies. We are not responsible for the privacy practices of external sites. We encourage you to review the privacy information presented on any external destination before providing personal data. Our own key pages, including About, Guides, Use Cases, Blog, Resources, Privacy, and Terms, are linked in our navigation and footer for quick access.

15) Exercising your rights and making a complaint

To make a request under your privacy rights, email [email protected] with the subject line “Data Rights Request” and specify the right you wish to exercise. We will acknowledge receipt and may ask for information to verify your identity and confirm your relationship with us. We aim to respond within one month; complex requests may take up to two additional months, in which case we will inform you. If you are unsatisfied with our response, you can contact the UK Information Commissioner’s Office (ICO). We are committed to resolving any issue fairly and promptly and recommend contacting us first so we can try to help.

16) Changes to this policy

We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will post a notice on this page and, where appropriate, notify subscribers by email or display a banner on our site. We encourage you to review this page periodically to stay informed about how we protect your information. The effective date of the current version is shown at the top of this page as “Last Updated: January 15, 2026.” Continued use of our website after updates take effect constitutes your acknowledgement of the revised policy.

17) Contact details

Data Controller: MYR AI Solutions Ltd. Address: 12 Baker Street, London, W1U 3BH, United Kingdom. Phone: +44 20 3966 2048. General email: [email protected]. Privacy email: [email protected]. If you prefer, you can write to us at our London address. For urgent security matters, please include “Security” in your subject line so we can route your message quickly.