Privacy Policy

Last Updated: 22/09/2025

Effective Date: 23/09/2025

BrilliantFlow AI (“Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you interact with our website, services, or communications.By using our Services, you agree to the practices described in this Policy.

1. Who We Are

BrilliantFlow AI is a London-based agency providing AI-powered automation, consultancy, and digital transformation solutions for small and medium-sized enterprises (SMEs).

We act as the Data Controller for the personal data we collect directly and may act as a Data Processor when handling client-provided data on their behalf.

Contact details:
BrilliantFlow AI
 Email: info@brilliantflowai.com
Location: London, United Kingdom

2. Data We Collect

We collect and process the following types of personal data:

a) Information you provide directly

  • Name, email address, phone number, and business details (when contacting us, subscribing, or using our services).
  • Payment and billing details (when purchasing services).
  • Content of messages, inquiries, or support requests.

b) Information collected automatically

  • Technical data: IP address, browser type, device type, operating system.
  • Usage data: pages visited, time spent, clicks, and interactions with our website.
  • Cookies and similar technologies (see Cookies Policy).

c) Client project data

When delivering automation services, we may temporarily process:

  • Business workflows, contact lists, or operational data shared by clients.
  • API keys or access credentials (with client consent).

We do not collect sensitive personal data (e.g., health, religion) unless explicitly required and agreed upon.

3. How We Use Your Data

We process your data for the following purposes:

  • To provide and deliver our services.
  • To respond to inquiries and customer support requests.
  • To manage billing, invoices, and payments.
  • To improve and optimize our website and services.
  • To send updates, newsletters, or marketing communications (only with consent).
  • To comply with legal obligations (e.g., tax, regulatory).

4. Legal Basis for Processing

We process personal data under the following lawful bases (as required by GDPR/UK GDPR):

  • Contract – when processing is necessary to perform our services.
  • Consent – when you agree to receive marketing or optional communications.
  • Legitimate interests – for business improvements, analytics, or security.
  • Legal obligation – when required by law (e.g., record-keeping, fraud prevention).

5. Data Sharing & Transfers

We do not sell personal data.

We may share data with:

  • Trusted service providers (e.g., hosting providers, automation platforms like Zapier/Make.com, payment processors, CRM tools).
  • Professional advisors (e.g., accountants, legal advisors).
  • Regulators or law enforcement, if required by law.

If data is transferred outside the UK/EU (e.g., to US-based cloud providers), we ensure compliance with GDPR through adequacy decisions or Standard Contractual Clauses (SCCs).

6. Data Retention

We retain personal data only as long as necessary:

  • Client project data – retained for the duration of the project and securely deleted within 90 days of completion unless agreed otherwise.
  • Billing & legal records – retained for at least 6 years (per UK legal requirements).
  • Marketing data – until you unsubscribe or withdraw consent.

7. Data Security

We use appropriate technical and organizational measures to protect personal data, including:

  • Encrypted data storage and transfers.
  • Restricted access to project and client files.
  • Secure deletion protocols.

However, no online transmission is 100% secure; we cannot guarantee absolute security.

8. Your Rights (UK/EU GDPR)

You have the following rights regarding your personal data:

  • Right to access – request a copy of the data we hold.
  • Right to rectification – correct inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”).
  • Right to restrict processing – limit how we use your data.
  • Right to data portability – request transfer to another provider.
  • Right to object – to marketing or certain processing activities.
  • Right to withdraw consent – at any time for consent-based processing.

To exercise your rights, contact us at info@brilliantflowai.com.

If you are based in the UK/EU, you also have the right to lodge a complaint with the ICO (Information Commissioner’s Office, UK) or your local data protection authority.

9. Children’s Privacy

Our Services are not directed to children under 18. We do not knowingly collect personal data from minors.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with the “Last Updated” date. Continued use of our Services after updates constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy, please contact us:

BrilliantFlow AI
 Email: info@brilliantflowai.com
Location: London, United Kingdom

A softly focused, oval shape used as a decorative background element to generate a subtle glow or aesthetic point of interest.