Our Policies

Swarm Labs Ltd — Privacy Policy

Swarm Labs Ltd ("Swarm Labs", "we", "us", "our") respects your privacy and is committed to protecting personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store and protect personal data when you:

• Visit swarmlabs.io
• Interact with our AI voice or live chat systems
• Purchase services or digital products
• Use our client portal
• Engage us for consultancy, automation or AI services

1. Who We Are

Swarm Labs Ltd
Registered in England & Wales
Registered Office: Beehive Lofts, Beehive Mill, Manchester M4 6JG
Email: hello@swarmlabs.io

For the purposes of data protection law, we act as:

• Data Controller for our own business operations, marketing, website administration and AI interaction management;
• Data Processor when processing personal data on behalf of clients.

2. Personal Data We Collect

2.1 Contact Information

• Name
• Business email address
• Telephone number
• Company name
• Job title

2.2 AI Voice & Chat Interaction Data

• Voice recordings (where enabled)
• Call transcripts
• Chat transcripts
• Audio metadata (timestamps, call duration)
• Information submitted during AI interactions

2.3 Account & Portal Data

• Login credentials
• User activity logs
• Account preferences

2.4 Transaction Data

• Billing address
• Payment information (processed by secure third-party payment providers)
• Purchase history

2.5 Technical Data

• IP address
• Browser type and version
• Device information
• Website usage data

2.6 Client Project Data

Where we provide automation or AI services to clients, we may process personal data provided by clients. In these cases, we act as a Data Processor.

3. How We Use Personal Data

Contractual Necessity

• Providing consultancy, AI and automation services
• Operating AI voice and live chat systems
• Managing accounts and portal access
• Processing payments

Legitimate Interests

• Improving AI models and service performance
• Monitoring system quality and security
• Fraud prevention and misuse detection
• Responding to enquiries

Legal Obligation

• Accounting and tax compliance
• Regulatory requirements

Consent (where applicable)

• Marketing communications
• Non-essential cookies
• Call recording where legally required

4. AI & Automated Processing

Our services may use artificial intelligence systems and automated processing technologies to:

• Generate responses in live chat or voice interactions
• Transcribe and analyse speech
• Classify enquiries or route communications
• Trigger automated workflows

AI systems generate outputs algorithmically and may not involve direct human review at the point of interaction.

We do not carry out solely automated decision-making that produces legal or similarly significant effects under Article 22 UK GDPR unless explicitly agreed in writing.

Where automated tools assist decision-making, appropriate human oversight may be applied.

5. Sharing of Personal Data

We may share personal data with:

• Cloud hosting providers
• Payment processors
• AI model providers and automation platforms
• Telephony and voice infrastructure providers
• Professional advisers (legal, accounting)
• Regulatory authorities where required

All third parties are required to implement appropriate data protection safeguards.

6. International Transfers

Some third-party providers may process data outside the UK. Where international transfers occur, we implement appropriate safeguards, including:

• UK International Data Transfer Agreement (IDTA)
• UK Addendum to EU Standard Contractual Clauses
• Adequacy decisions

7. Data Security

We implement appropriate technical and organisational measures including:

• Secure cloud infrastructure
• Encrypted connections (SSL/TLS)
• Access controls and authentication measures
• Role-based access limitations

While no internet transmission is completely secure, we take commercially reasonable steps to protect personal data.

8. Data Retention

We retain personal data only as long as necessary for service provision, compliance and dispute resolution. Typically:

• Client data: duration of contract + up to 6 years
• AI voice recordings and transcripts: up to 24 months unless otherwise required
• Enquiry data: up to 24 months
• Financial records: 6 years

9. Your Rights

Under UK GDPR, individuals have the right to:

• Access personal data
• Request correction
• Request erasure
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent (where applicable)

Requests should be sent to: hello@swarmlabs.io

You have the right to lodge a complaint with the Information Commissioner's Office (ICO).

10. Client Data (Processor Activities)

Where we process personal data on behalf of clients:

• We act only on documented instructions
• Clients remain the Data Controller
• Processing terms may be set out in a separate Data Processing Addendum
• Clients are responsible for transparency obligations to their end users

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our Website.

Swarm Labs Ltd — Cookie Policy

This Cookie Policy explains how Swarm Labs Ltd ("Swarm Labs", "we", "us", "our") uses cookies and similar technologies on:

• swarmlabs.io
• hub.swarmlabs.io

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They enable websites to function properly, maintain secure sessions, remember preferences and analyse usage.

We may also use similar technologies such as local storage, session storage, pixels and tracking scripts.

2. Categories of Cookies We Use

2.1 Strictly Necessary Cookies

These cookies are essential for the operation and security of our websites, client portal and AI systems. They enable:

• Secure login and authentication
• Account session management
• Shopping basket functionality
• Payment processing
• Security monitoring and fraud prevention
• Load balancing and infrastructure stability

These cookies are required for core functionality and cannot be disabled through our systems.

2.2 AI Chat & Interaction Cookies

Where AI live chat or browser-based voice features are used, cookies or similar identifiers may be deployed to:

• Maintain conversation sessions
• Associate chat transcripts with a session ID
• Prevent duplicate requests
• Support security and abuse prevention
• Enable continuity between pages

These cookies are considered strictly necessary where required to deliver requested functionality.

2.3 Shopping Basket & Abandoned Cart Cookies

We use cookies and session identifiers on hub.swarmlabs.io to manage shopping baskets and recover abandoned purchases. This may occur where:

• A user is logged into their account; or
• A user enters their email address into a checkout or purchase form but does not complete the transaction.

These technologies allow us to:

• Retain basket contents
• Allow checkout resumption
• Send abandoned cart reminder emails (where permitted under applicable law)

Abandoned cart communications are sent based on:

• Consent (where required); or
• Legitimate interests where a soft opt-in applies under PECR.

2.4 Performance & Analytics Cookies

These cookies help us understand how visitors interact with our websites and AI systems. They may collect:

• Traffic data
• Page views and engagement metrics
• Referral sources
• Interaction events

These cookies are deployed only where you provide consent.

2.5 Functional Cookies

These cookies remember preferences and enhance usability, such as language settings or saved preferences.

2.6 Marketing & Advertising Cookies

Marketing cookies may be used to:

• Deliver relevant advertising
• Measure campaign effectiveness
• Track conversions

These cookies are only set where you provide consent.

3. Third-Party Cookies

We may use third-party service providers who set cookies or similar identifiers, including:

• Payment processors
• Analytics providers
• Email marketing platforms
• Cloud hosting providers
• AI and automation platform providers
• Telephony and voice infrastructure providers (where browser-based functionality is used)
• Customer relationship management (CRM) systems

These third parties process data in accordance with their own privacy and cookie policies.

4. Managing Cookie Preferences

When you first visit our websites, you will be presented with a cookie banner allowing you to:

• Accept all cookies
• Reject non-essential cookies
• Manage granular preferences

You may withdraw or modify consent at any time via the cookie settings link (where available) or through your browser settings. Disabling certain cookies may affect website functionality.

5. Legal Basis

Under the UK GDPR and the Privacy and Electronic Communications Regulations (PECR):

• Strictly necessary cookies are used to provide requested services and operate secure systems.
• Analytics and marketing cookies are used only with your consent.