Nullspace Logo
Nullspace

Privacy Policy

Your privacy is our commitment. We prioritize transparency and data protection.

Last updated: April 24, 2025

Introduction

Nullspace Technologies Ltd. ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website at https://nullspace.so (the "Website"), use our AI-powered automation services, and tell you about your privacy rights and how the law protects you.

As a UK-based AI SaaS company, we comply with all applicable data protection laws, including the UK GDPR and the Data Protection Act 2018. This policy applies to personal data we collect from users and customers of our services globally.

Data Controller Information

Nullspace Technologies Ltd. (company registration number 12345678) is the data controller responsible for your personal data. We are registered with the Information Commissioner's Office (ICO) with registration number [ICO Registration Number].

If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer at:

Data Protection Officer
Nullspace Technologies Ltd.
71-75 Shelton Street
Covent Garden
London
WC2H 9JQ
Email: info@nullspace.so

The Data We Collect About You

Personal data means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data - includes first name, last name, username or similar identifier, title, job role and company name.
  • Contact Data - includes email address, telephone numbers, and business or billing address.
  • Financial Data - includes bank account and payment card details (processed securely through our payment providers).
  • Technical Data - includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Website.
  • Usage Data - includes information about how you use our Website and services, including feature usage statistics and interaction data.
  • Automation and AI Content Data - includes data you input into our system for processing through our AI automation services, configurations of your automations, and the outputs generated.
  • Marketing and Communications Data - includes your preferences in receiving marketing from us and our third parties and your communication preferences.

Legal Basis for Processing Your Data

Under the UK GDPR and EU GDPR, we must have a lawful basis for processing your personal data. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Contract - Where we need to perform the contract we are about to enter into or have entered into with you, including delivery of our services.
  • Legitimate Interests - Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. These include providing you with a secure and efficient service, developing and improving our products, and growing our business.
  • Legal Obligation - Where we need to comply with a legal obligation, such as accounting, tax, and regulatory requirements.
  • Consent - Where you have provided explicit consent for specific processing activities, such as for marketing communications. You have the right to withdraw this consent at any time.

AI-Specific Privacy Considerations

As an AI SaaS provider, we employ advanced machine learning techniques to deliver our services. Here's how we handle AI-specific privacy considerations:

  • Data Used for AI Training - We may use anonymized and aggregated data to improve our AI models. No personally identifiable information is used for general model training without explicit consent.
  • Customer-Specific Models - For enterprise customers, we may develop customized AI models using their data, which is governed by specific terms in our service agreements.
  • Automated Decision-Making - Our service involves automated processing to create automations based on your inputs. You maintain control over the implementation and can modify or disable automations at any time.
  • Transparency - We provide clear information about how our AI systems process your data and the logic involved in significant automated decisions.

International Transfers

As a UK-based company offering services globally, we may transfer your personal data to countries outside the UK and European Economic Area (EEA). When we do, we ensure a similar degree of protection is afforded to your data by implementing appropriate safeguards:

  • Standard Contractual Clauses - When transferring data outside the UK/EEA, we implement the UK/EU-approved Standard Contractual Clauses with our partners and service providers.
  • Adequacy Decisions - Where possible, we prioritize transfers to countries with UK/EU adequacy decisions, which means they provide an adequate level of data protection.
  • Privacy Shield - For transfers to US-based service providers, we work with entities certified under the UK Extension to the EU-U.S. Data Privacy Framework where applicable.

Data Security

We have implemented robust security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed:

  • Encryption - All data in transit and at rest is encrypted using industry-standard encryption technologies.
  • Access Controls - We maintain strict access controls and authentication procedures for our staff and systems.
  • Regular Security Audits - We conduct regular security assessments and penetration testing of our systems.
  • Incident Response - We have procedures to deal with suspected personal data breaches and will notify you and applicable regulators where legally required.

Your Legal Rights

Under data protection laws, you have significant rights regarding your personal data:

  • Right of Access - You can request copies of your personal data.
  • Right to Rectification - You can request correction of inaccurate or incomplete data.
  • Right to Erasure - You can request deletion of your personal data in certain circumstances.
  • Right to Restriction - You can request restriction of processing in certain circumstances.
  • Right to Data Portability - You can request transfer of your data to you or a third party.
  • Right to Object - You can object to processing of your personal data in certain circumstances.
  • Rights Regarding Automated Decision-making - You have rights relating to automated decision-making and profiling.

You can exercise any of these rights by contacting our Data Protection Officer. You will not have to pay a fee to access your personal data or exercise these rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

Contact Us & Complaints

If you have any questions about this privacy policy or our privacy practices, or if you wish to exercise any of your legal rights, please contact our Data Protection Officer using the details provided above.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Contact Us