1. Who we are
aicoded.co.uk is operated by JEMA Software Ltd, a UK software company. For the purposes of UK data protection law, including the UK GDPR and the Data Protection Act 2018, JEMA Software Ltd is the controller for personal data collected through this website and during ordinary business enquiries.
2. Personal data we collect
We may collect the following types of personal data:
- Contact details, such as your name, email address, phone number, business name, and role.
- Enquiry information, such as messages you send to us, project requirements, budget ranges, timelines, and business objectives.
- Client account and billing information, such as invoicing contacts, company details, payment status, and contract records.
- Technical information, such as IP address, browser type, device information, pages viewed, referring website, and approximate location derived from your connection.
- Project information that you choose to share with us, such as workflow details, sample documents, data structures, software access requirements, or user research material.
3. How we collect personal data
We collect personal data when you email us, use a contact link, request a proposal, become a client, provide information during a project, sign documents, pay invoices, or interact with our website. We may also receive information from your colleagues, business partners, or publicly available business sources where relevant to a project or enquiry.
4. How we use personal data
We use personal data to respond to enquiries, assess potential projects, prepare proposals, provide software design and development services, manage client relationships, issue invoices, keep business records, improve our website, maintain security, and comply with legal obligations.
5. Lawful bases for processing
We rely on different lawful bases depending on the context. We process enquiry and project data where it is necessary to take steps before entering into a contract or to perform a contract with you. We process business records, security information, and basic analytics where we have a legitimate interest in running and improving our business. We process invoice and tax records where necessary to comply with legal obligations. Where we use optional cookies or direct marketing that requires consent, we will rely on consent.
6. AI and client project data
Where a project involves AI systems, automations, chatbots, or integrations, we will only use client-provided data for the agreed project purposes. We do not sell client data. If a project requires use of third-party AI providers, hosting providers, analytics tools, or automation platforms, we will agree the intended use with the client and take reasonable steps to use appropriate providers and settings for the project. Clients should not provide highly sensitive personal data unless it is necessary for the agreed work and appropriate safeguards have been discussed.
7. Sharing personal data
We may share personal data with service providers who help us operate our business, such as hosting providers, email providers, payment processors, accountants, legal advisers, project management tools, development platforms, analytics providers, and subcontractors working under our instructions. We may also share information where required by law, regulation, court order, or to protect our legal rights.
8. International transfers
Some service providers may process data outside the UK. Where this happens, we will rely on appropriate safeguards where required, such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or equivalent lawful transfer mechanisms.
9. Data retention
We keep personal data only for as long as reasonably necessary. Enquiry records are usually kept for up to 24 months unless a project begins or there is a continuing business reason to retain them. Client project records are usually kept for the duration of the relationship and then for up to 7 years for legal, tax, audit, and dispute purposes. Technical logs and analytics data are generally kept for shorter periods unless needed for security or troubleshooting.
10. Security
We use reasonable technical and organisational measures to protect personal data, including access controls, secure accounts, supplier due diligence, and limiting access to people who need it for business or project purposes. No system is completely secure, so we cannot guarantee absolute security.
11. Your rights
Depending on the circumstances, you may have the right to request access to your personal data, correction, deletion, restriction, portability, objection to processing, and withdrawal of consent. You also have the right to complain to the Information Commissioner's Office. We would appreciate the chance to deal with your concern first, so please contact us at contact@jamesfinance.co.uk.
12. Marketing
We may contact business contacts about similar services where permitted by law and where we believe the information is relevant. You can opt out of marketing at any time by contacting us. We do not sell mailing lists.
13. Cookies
Our use of cookies and similar technologies is explained in our cookies policy. Essential cookies may be used to make the site work. Optional analytics or marketing cookies will only be used where legally permitted and, where required, with consent.
14. Changes to this policy
We may update this policy from time to time to reflect changes in our services, legal requirements, or business operations. The latest version will be published on this page.
15. Contact
For privacy questions or rights requests, contact JEMA Software Ltd at contact@jamesfinance.co.uk.