Skip to main content

Privacy Policy

Our privacy policy and how we use your data

Last updated:

Handlet — Privacy Policy (MVP Draft)

Applies to: handlet.ai, app.handlet.ai, and related Handlet websites and applications.

This Privacy Policy applies to the Handlet website, application, and related services. It explains how we collect, use, store, and protect personal data when you use Handlet.

MVP NOTICE
This Privacy Policy reflects Handlet's current MVP data practices. It is written to be accurate, readable, and GDPR-aligned, and will be reviewed by legal counsel as the product matures.

1. Who We Are

Handlet ("Handlet", "we", "us", "our") is the data controller for personal data processed through the Handlet platform.

Contact:
Email: privacy@handlet.ai, support@handlet.ai
Website: https://handlet.ai

2. Relationship to Terms

This Privacy Policy should be read together with our Terms of Service.

Where the Terms explain how the service works, this policy explains how personal data is handled.

3. Data We Process

Handlet processes data primarily so it can act as a digital office assistant for trades.

Personal data may be processed on behalf of Handlet customers where they use the platform to manage communications with their own customers.

3.1 Data You Provide Directly

  • Account information (name, email address)
  • Business details (business name, trade type)
  • Login and authentication details

3.2 Customer and Communication Data (Provided by You)

When you connect inboxes or messaging channels, we may process:

  • Emails and message content
  • Customer names
  • Customer contact details (email address, phone number, messaging handles)
  • Message metadata (timestamps, channel source)

This data belongs to you and your business. In relation to customer communication data processed through the platform, the business user is typically the data controller, and Handlet acts as a data processor on their behalf.

3.3 AI-Processed Data

To provide AI assistance, we process:

  • Message content for drafting replies
  • Job details for drafting quotes
  • Review content for suggested responses
  • Conversation summaries

AI outputs are generated per request and are not treated as independent data sources.

3.4 Technical and Usage Data

Technical and usage data may include IP address, device information, log records, and cookies used to maintain sessions or preferences. It may also include error and performance logs and feature usage signals (non-content).

4. Purposes of Processing

We process personal data to:

  • Provide and operate the Handlet service
  • Deliver inbox, quote, and review assistance
  • Generate AI-assisted drafts and summaries
  • Maintain security and prevent misuse
  • Improve reliability and performance
  • Communicate with you about the service

We do not sell personal data.

Handlet only processes personal data that is necessary to provide the service and avoids collecting unnecessary personal information.

For more detail on our lawful bases and data categories, see How we process personal data and Lawful basis and data categories.

5. Children's Data

Handlet is not intended for use by children under the age of 16, and we do not knowingly collect personal data from children.

6. Legal Bases

Depending on the context, we rely on:

  • Contractual necessity — to provide the service you signed up for
  • Legitimate interests — to operate, secure, and improve Handlet
  • Consent — where required (e.g. connecting third-party accounts)
  • Legal obligation — where required by law

7. AI Processing

Handlet uses AI to assist, not replace, human decision-making.

Important points:

  • AI outputs are suggestions only
  • You remain responsible for all messages, quotes, and replies sent
  • No automated decisions are made that have legal or similarly significant effects on individuals

8. Data Processors

Handlet uses trusted processors to deliver the service.

These may include:

  • Hosting and databases (e.g. Supabase)
  • Authentication providers (for example Google OAuth)
  • AI service providers
  • Email and messaging infrastructure

Processors only access data as needed to provide their services and are bound by appropriate data protection obligations.

A list of our current subprocessors is available at: Handlet Subprocessors.

9. International Transfers

Some processors may operate outside the UK or EEA.

Where this occurs, we rely on:

  • Adequacy decisions
  • Standard contractual clauses
  • Other lawful transfer mechanisms

10. Data Retention

We retain data only as long as necessary to provide the service and meet legal obligations.

At MVP:

  • Account data is retained while your account is active
  • Message and quote data is retained for service continuity
  • Logs are retained for a limited period for security and diagnostics

More detailed retention rules are set out in How we process personal data and Lawful basis and data categories.

11. Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (where applicable)
  • Object to certain processing
  • Request data portability
  • Lodge a complaint with the UK Information Commissioner's Office (ICO)

12. Exercising Rights

During MVP, requests for your data (including access, correction or deletion) are handled manually.

To make a request, email privacy@handlet.ai.

We aim to respond within 30 days, as required by GDPR.

13. Security

We take reasonable technical and organisational measures to protect personal data. These may include secure hosting, access controls, encrypted connections (HTTPS), and monitoring systems.

However, no system is completely secure, and we cannot guarantee absolute security.

14. Changes

We may update this Privacy Policy from time to time.

If changes are material, we will notify users via email or in-app notice. The "Last updated" date at the top of this page will be revised when we make changes.

15. Cookies

We use strictly necessary cookies to maintain login sessions and remember interface preferences. We do not use cookies for advertising or to track you across other websites.

For detailed information about the cookies we use, please see our Cookie Policy.

16. Related Policies

For detailed processing purposes, lawful bases, and data categories under UK GDPR, see How we process personal data and Lawful basis and data categories.

17. Contact

For privacy questions or requests please contact: privacy@handlet.ai

AI Assistance: Handlet uses AI to classify intent and draft responses. All suggestions are for your review. You are responsible for all messages sent. Learn More