Privacy Policy

Last updated: 29 October 2025

Introduction

This Privacy Policy explains how Slinkytronic Limited, trading as Aandai (“we”, “us”, “our”), collects, uses, and protects your personal information when you use our website aandai.com (the “Website”).

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller:
Slinkytronic Limited
Company Number: 09240166
Registered Address: Willow Cottage, Ashmoor Drove, Wells, BA5 1NS, United Kingdom
Contact: marc [at] aandai.com

Information We Collect

Information You Provide Directly

We do not collect personal information directly through this Website. When you click through to third-party services (LinkedIn or Calendly), those services collect information according to their own privacy policies.

Information Collected Automatically

When you visit our Website, we may automatically collect:

• Usage Data: Your IP address, browser type and version, pages visited, time and date of visit, time spent on pages, and other diagnostic data
• Cookies and Tracking Technologies: We may use cookies and similar tracking technologies in the future (see Cookies section below)

Information Collected Through Our Services

When you engage us for automation and AI consultancy services, we may process personal data as part of delivering those services. This may include:

• Business contact information (names, email addresses, job titles)
• Client data processed through automation workflows we build (e.g. CRM data, lead information, sales data)
• Communications between us regarding your project

How We Use Your Information

We use personal information only for the following purposes:

• Service Delivery: To provide automation and AI consultancy services, including building and maintaining workflows
• Communication: To respond to enquiries and communicate about services
• Business Operations: To manage contracts, invoicing, and business administration
• Legal Compliance: To comply with legal obligations and protect our rights

We do not use your information for marketing purposes unless you have specifically opted in.

Legal Basis for Processing

Under UK GDPR, we process personal data based on:

• Contract Performance: Processing necessary to deliver services you’ve engaged us for
• Legitimate Interests: For business operations, provided this doesn’t override your rights
• Legal Obligation: To comply with tax, accounting, and other legal requirements
• Consent: Where you’ve given explicit consent (e.g. for marketing communications)

Third-Party Services

This Website uses or may link to the following third-party services, each with their own privacy policies:

Currently Active

• LinkedIn: When you connect with us on LinkedIn, their privacy policy applies (LinkedIn Privacy Policy)
• Calendly: When you book a meeting, Calendly collects information according to their privacy policy (Calendly Privacy Policy)

Future Implementation

• Google Analytics: We plan to implement Google Analytics to understand how visitors use our Website. When implemented, we will update this policy and implement appropriate cookie consent mechanisms. (Google Analytics Privacy)

Service Delivery Tools

When providing our services, we use various third-party platforms to build and operate automations, including (but not limited to):

• n8n (workflow automation)
• Clay, Cognism, RB2B (data enrichment)
• Teamfluence, Trigify (social media monitoring and engagement)
• Smartlead, Outreach.io (outbound email campaigns)
• Phantom Buster, Puppeteer (web session automation)
• OpenAI, Anthropic, Perplexity (AI services)
• Various CRM and marketing platforms (e.g, HubSpot, Salesforce)

These platforms process client data according to their own privacy policies and security standards. We select platforms that maintain appropriate security measures and, where required, have appropriate Data Processing Agreements in place.

Data Retention

We retain personal information only for as long as necessary:

• Website Usage Data: Automatically collected data is retained for up to 26 months
• Service Delivery Data: Client data is retained for the duration of our engagement and up to 7 years thereafter for legal and accounting purposes
• Communications: Business correspondence is retained for up to 7 years

You may request earlier deletion subject to our legal obligations (e.g. tax records).

Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

• Secure data transmission (SSL/TLS encryption)
• Access controls and authentication
• Regular security reviews
• Using reputable third-party platforms with strong security credentials

However, no internet transmission is completely secure. We cannot guarantee absolute security.

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of personal data we hold about you
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data (subject to legal obligations)
• Right to Restrict Processing: Request we limit how we use your data
• Right to Data Portability: Request your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Rights Related to Automated Decision-Making: We do not use automated decision-making or profiling

To exercise these rights, contact us at marc [at] aandai.com.

Cookies

Current Cookie Use

We currently use only essential cookies required for the Website to function properly. These do not require consent under UK law.

Future Cookie Use

We plan to implement Google Analytics, which uses cookies to collect usage data. Before implementing this:

• We will add a cookie consent banner
• You will be able to accept or reject non-essential cookies
• We will update this policy to detail the specific cookies used

You can control cookies through your browser settings. Note that disabling essential cookies may affect Website functionality.

International Data Transfers

Our Website is hosted within the UK/EU. However, some third-party services we use (e.g. OpenAI, Anthropic) may process data outside the UK/EU. Where this occurs:

• We ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses)
• Data is only transferred to countries with adequate data protection laws or under approved transfer mechanisms
• We conduct due diligence on third-party data protection practices

Children’s Privacy

Our services are directed at businesses, not individuals under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:

• Post the updated policy on this page
• Update the “Last updated” date at the top
• Notify you of material changes via the Website or email (where we have your contact details)

We encourage you to review this policy periodically.

Data Protection Registration

We are not currently registered with the Information Commissioner’s Office (ICO) as our data processing activities fall below the registration threshold. Should our processing activities change, we will register as required.

Complaints

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)
Website: https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113

Contact Us

For questions about this Privacy Policy or to exercise your data rights, contact:

Slinkytronic Limited (trading as Aandai)
Willow Cottage, Ashmoor Drove, Wells, BA5 1NS
Email: marc [at] aandai.com
Company Number: 09240166
VAT Number: GB233433337