H
HelloSir.ai
Sign inStart free
// privacy

Privacy Policy

Last updated · February 2026

HelloSir.ai ("we", "us") is a SaaS product of Cloud Lab Technologies, a UK-registered software company. We take privacy seriously and only process the data we need to run the Service. This policy explains what data we collect, why we collect it, how long we keep it and the rights you have under the UK GDPR and EU GDPR.

1. Who is the data controller?

Cloud Lab Technologies (UK) is the data controller for personal data processed via HelloSir.ai. Contact: privacy@hellosir.ai.

2. What we collect

  • Account data — name, email, company, country, hashed password.
  • Billing data — invoices, top-up transactions, last 4 digits of card (held by our payment processor; we never see the full PAN).
  • Knowledge base content — pages, PDFs, documents and URLs that you upload or ask us to crawl to train your Agent.
  • Conversations — transcripts, voice recordings, IP, browser metadata and language locale of users who interact with your Agent.
  • Telemetry — basic, aggregated usage analytics to keep the Service healthy.

3. Why we process it (lawful basis)

  • Contract — to provide the Service you signed up for.
  • Legitimate interest — fraud prevention, security, debugging and platform improvements.
  • Legal obligation — invoicing, tax, anti-money-laundering and law-enforcement requests.
  • Consent — where required (e.g. optional marketing emails).

4. AI processing & sub-processors

To generate replies, transcribe voice or synthesise speech, we send relevant portions of your content to upstream model providers under strict zero-retention agreements. We do not use your content to train any public foundation model. A current list of sub-processors is available on request.

5. International transfers

Data may be processed in the UK, EU and US under Standard Contractual Clauses and the UK International Data Transfer Addendum. Voice & chat traffic is encrypted in transit (TLS 1.2+) and at rest (AES-256).

6. Retention

  • Account data — retained while your account is active and for 12 months after closure for legal compliance.
  • Conversation transcripts — 90 days by default; configurable down to 7 days or up to 2 years from your dashboard.
  • Voice recordings — 30 days by default; configurable in settings.
  • Billing records — 7 years (UK HMRC requirement).

7. Your rights

You have the right to access, rectify, erase, restrict or port your personal data, and to object to processing. Email privacy@hellosir.ai with the subject "Data request". We respond within 30 days.

8. Cookies

We use strictly necessary cookies to keep you logged in and to remember consent preferences, plus optional analytics cookies (loaded only after consent). You can manage cookie preferences at any time from the footer banner.

9. Children

HelloSir is not intended for use by children under 16. We do not knowingly collect personal data from children.

10. Complaints

You can lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or your local EU supervisory authority.