aicosts.co.uk – GDPR Compliance Statement
Effective: 15/05/2025
At AI Costs, we take data protection and client confidentiality seriously. Our desktop application and backend services are designed with full adherence to the UK GDPR and the Data Protection Act 2018.
This page provides a clear overview of how your data is handled during use of the AI Costs service.
1. Data Handling Overview
- All spreadsheet files remain on your local machine.
- A temporary working copy is created locally for in-app processing.
- Only individual cell contents (e.g. a single timed description) are securely transmitted to our rewrite API for real-time processing.
- No full files are uploaded, and no user data is stored or retained by AI Costs or its infrastructure partners.
2. Our Role Under GDPR
- AI Costs acts as a Data Processor, operating solely on your instructions.
- You, or your firm, remain the Data Controller.
- We do not collect, access, or store personally identifiable information (PII), case files, or confidential content.
3. Security and Infrastructure
- All data transmissions occur via encrypted HTTPS (TLS 1.2+).
- Rewrite processing is handled via secure infrastructure located in the UK (London region) using a GDPR-compliant cloud provider.
- No data is stored on our servers or retained by third parties.
4. Your Responsibilities
As the Data Controller, you are responsible for ensuring:
- The data input into the app is lawful and appropriate for processing.
- Any sensitive or personal data is redacted if necessary.
- Staff using the app understand how data is handled and retained.
5. Data Retention
- No data is stored by AI Costs after rewrite processing is completed.
- No caching, logging, or training occurs on submitted content.
- Drafts, if saved, are stored only on your device, using secure browser-based storage.
6. GDPR Requests & Contact
If you require documentation for audit, data processing agreements, or have questions about compliance:
📧 admin@aicosts.co.uk