Privacy Policy

1. Introduction

This Privacy Policy explains how PadX (“PadX”, “we”, “our”, or “us”) collects, uses, and protects personal data when you use our platform, including our website, applications, hardware, and related services (the “Services”).

We are committed to protecting your privacy and handling personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

2. Data Controller and Processor Roles

When PadX acts as a Data Controller

PadX acts as a data controller in relation to personal data we collect and use for our own purposes, including:

• account registration and management
• usage analytics and product improvement
• artificial intelligence development
• security, fraud prevention, and system integrity
• customer support

When PadX acts as a Data Processor

Where you upload or process personal data through the Services (for example, video footage containing individuals), you or your organisation are typically the data controller, and PadX acts as a data processor on your behalf.

In such cases, PadX processes personal data:

• in accordance with your instructions
• in line with applicable data protection laws

3. Personal Data We Collect

We may collect the following categories of personal data:

Account Information

• name
• email address
• login credentials

Usage Data

• IP address
• device type, operating system, and browser
• interactions with the Services
• log and diagnostic data

User Content

• audio, video, and images
• text and annotations
• metadata (such as timestamps, location data where enabled, and device information)

Support Data

• communications with customer support
• feedback and enquiries

Payment Data (if applicable)

If we introduce paid features, we may collect:

• billing details
• transaction records

(Payment processing may be handled by third-party providers and we may not store full payment card details.)

4. How We Use Personal Data

We use personal data to:

• provide, operate, and maintain the Services
• manage user accounts and authentication
• provide customer support and respond to enquiries
• improve, develop, and optimise features
• develop and enhance artificial intelligence systems
• monitor usage, performance, and security
• detect and prevent fraud, abuse, or illegal activity
• comply with legal and regulatory obligations

5. Legal Bases for Processing

We rely on the following legal bases under UK GDPR:

• Contract – where processing is necessary to provide the Services to you
• Legitimate Interests – including improving the Services, analytics, AI development, and ensuring security (balanced against your rights)
• Legal Obligation – where processing is required to comply with applicable laws
• Consent – where required (for example, certain cookies or specific data uses)

6. Data Analytics and Artificial Intelligence

We may analyse usage data and User Content to improve the Services and develop new features.

This may include using data to:

• train and improve machine learning and AI models
• develop analytics and performance insights
• enhance functionality and user experience

Where reasonably possible, we use aggregated or anonymised data that does not identify individuals.

Where personal data is used for these purposes, we do so in accordance with applicable law and, where required, provide appropriate controls such as opt-outs.

7. Data Sharing

We may share personal data with:

• cloud hosting and infrastructure providers
• analytics and monitoring providers
• customer support tools and service providers
• payment processors (if and when applicable)
• professional advisers (e.g. legal, accounting)
• law enforcement or regulatory authorities where required

All third-party service providers are required to:

• process personal data only on our instructions
• implement appropriate security measures

We do not sell personal data.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK or European Economic Area (EEA).

Where this occurs, we ensure appropriate safeguards are in place, such as:

• UK International Data Transfer Agreements (IDTAs)
• Standard Contractual Clauses (SCCs)
• transfers to countries with adequacy decisions

9. Data Retention

We retain personal data only for as long as necessary to:

• provide and operate the Services
• fulfil the purposes described in this Policy
• comply with legal, regulatory, or contractual obligations

Retention periods may vary depending on the nature of the data.

We may retain aggregated or anonymised data indefinitely, as it does not identify individuals.

10. Your Rights

Under applicable data protection law, you may have the right to:

• access the personal data we hold about you
• request correction of inaccurate or incomplete data
• request deletion of your personal data
• restrict or object to processing
• request data portability
• withdraw consent (where processing is based on consent)

To exercise your rights, please contact us using the details below.

We may need to verify your identity before responding to your request.

11. Security

We implement appropriate technical and organisational measures to protect personal data, including:

• encryption (where appropriate)
• secure infrastructure and hosting
• access controls and authentication measures

However, no system can be guaranteed to be completely secure.

12. Cookies and Similar Technologies

We use cookies and similar technologies to:

• operate and maintain the Services
• analyse usage and performance
• improve user experience

Where required by law, we obtain consent before placing non-essential cookies.

Further details are available in our Cookie Policy.

13. Children

The Services are not intended for individuals under the age of 16.

If you are under 18, you must have appropriate consent from a parent or guardian to use the Services.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

Where changes are material, we will take reasonable steps to notify you. Continued use of the Services after updates constitutes acceptance of the revised Policy.

15. Contact and Complaints

If you have any questions about this Privacy Policy or how we handle personal data, please contact us:

Email: appsupport@padx.ai

You also have the right to lodge a complaint with the UK supervisory authority: Information Commissioner’s Office (ICO).