Privacy Policy

01Who we are

Quantum Automations Group Ltd ("we", "us", "our") is a company registered in England and Wales under company number 17190497, with its registered office at 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ.

We are committed to protecting your privacy. This policy explains how we collect, use, store, and share your personal data when you visit our website (quantumautomations.ai), use our services, or interact with us.

For any questions regarding this policy, contact us at [email protected].

02Data we collect

We may collect the following categories of personal data:

Information you provide directly: name, email address, company name, job title, phone number, and any other information you submit through our contact forms, sign-up flows, or during the course of a business engagement.

Information collected automatically: IP address, browser type and version, operating system, referring URL, pages visited, time and date of access, and session duration. We collect this through cookies and similar technologies.

Payment information: if you purchase our services, we collect billing details. Payment processing is handled by third-party processors (such as Stripe or Wise). We do not store credit card numbers on our servers.

Usage data: if you use our software products (SaaS platforms), we collect data on how you interact with the product, including feature usage, error logs, and performance metrics.

03How we use your data

We use your personal data for the following purposes:

• To provide, operate, and improve our services
• To communicate with you about your account, enquiries, or support requests
• To send you service-related updates and notifications
• To process payments and manage billing
• To comply with legal obligations
• To detect, prevent, and address fraud or security issues
• To analyse usage patterns and improve our website and products

We do not sell your personal data to third parties.

04Legal bases for processing (GDPR)

We process your personal data under the following legal bases:

Contractual necessity: where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.

Legitimate interests: where processing is necessary for our legitimate business interests, such as improving our services, marketing, and fraud prevention, provided these interests are not overridden by your rights.

Consent: where you have given us specific consent to process your data for a particular purpose (e.g., marketing emails). You may withdraw consent at any time.

Legal obligation: where processing is required to comply with applicable laws or regulations.

05Data sharing

We may share your personal data with:

• Service providers: third-party vendors who assist us in operating our business, including hosting providers, payment processors, analytics tools, and email services. These providers are contractually bound to protect your data.
• Professional advisers: accountants, lawyers, and auditors where necessary.
• Legal and regulatory authorities: where required by law, regulation, or legal process.
• Business transfers: in connection with a merger, acquisition, or sale of assets.

We do not share your data with third parties for their own marketing purposes.

06International transfers

Your data may be transferred to and processed in countries outside the United Kingdom, including countries within the European Economic Area (EEA) and the United States. Where we transfer data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO) or transfers to countries with adequacy decisions.

07Data retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Typically:

• Client and prospect data: for the duration of the business relationship plus 6 years
• Website analytics data: 26 months
• Marketing consent records: until consent is withdrawn plus 1 year

08Your rights

Under UK GDPR, you have the following rights:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your data in certain circumstances
• Right to restrict processing: request that we limit how we use your data
• Right to data portability: request your data in a structured, machine-readable format
• Right to object: object to processing based on legitimate interests or direct marketing
• Right to withdraw consent: where processing is based on consent

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

09Cookies

Our website uses cookies to enhance your experience. We use:

• Strictly necessary cookies: required for the website to function (e.g., session management)
• Analytics cookies: to understand how visitors interact with our website (e.g., Google Analytics or Plausible)
• Functional cookies: to remember your preferences

You can control cookies through your browser settings. For more details, see our cookie banner on the website.

10Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. See our Security Policy for more details.

11Children

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

12Changes to this policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on our website with a revised "Last updated" date.

13Contact and complaints

If you have any questions or complaints about this policy or our data practices, contact us at:

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.