Privacy Policy
Last Updated: May 14, 2026
1. Introduction
Welcome to [Your Site Name]. We respect your privacy and are committed to protecting your personal data. This policy informs you how we look after your personal data when you visit our website and tells you about your privacy rights under UK law.
2. The Data We Collect
We collect, use, and store different kinds of personal data about you:
Identity & Contact Data: Includes your email address (collected via [newsletter signup/contact form]).
Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting, and location.
Usage Data: Information about how you use our website and interact with our AI features.
3. How We Use Your Data & Gemini AI
We use your data only when the law allows us to. Most commonly, we use your data in the following circumstances:
A. Gemini AI Integration
Our site utilizes the Google Gemini AI API to provide our business planning tools.
Input Data: When you interact with the AI, the text you enter is processed by Google Gemini.
Safeguards: We do not send your email address or identifiable "Identity Data" to the Gemini API unless it is part of the prompt you explicitly provide.
Automated Decision Making: Pursuant to the UK Data Use and Access Act 2025, we provide meaningful information about any automated logic used and ensure users have the right to contest significant decisions made by AI (GDPR Local, 2026).
B. Email Collection
We collect your email address based on your consent (for marketing) or contractual necessity (to provide a service). You can opt out at any time by clicking the "unsubscribe" link in our emails.
4. Cookies
Our website uses cookies to distinguish you from other users.
Strictly Necessary Cookies: Required for the operation of our site.
Analytical/Performance Cookies: Allow us to recognise and count the number of visitors.
Targeting Cookies: Record your visit to our site and the pages you have followed.
Note: We use a cookie consent banner that requires your "clear affirmative action" before non-essential cookies are placed, in line with ICO standards (Didomi, 2026).
5. Data Transfers (International)
Because we use the Gemini AI API, your data may be transferred to and processed in servers located outside the UK (e.g., the United States). We ensure a similar degree of protection is afforded by ensuring at least one of the following safeguards is implemented:
The country has been deemed to provide an adequate level of protection for personal data by the UK Government.
We use specific Standard Contractual Clauses (SCCs) approved for use in the UK (Didomi, 2026).
6. Your Legal Rights
Under the UK GDPR, you have the right to:
Request access to your personal data.
Request correction or erasure of your data.
Object to processing (including automated profiling).
Request a human review of any AI-generated decision that significantly affects you (ICO, 2026).
7. Contact Us
If you have any questions about this privacy policy or our privacy practices, please contact us at: hello@incho.co.uk