Privacy Policy

How we collect, use, and protect your personal data.

Last updated: December 2025

The Digital Employee takes the privacy of your information very seriously. This privacy policy applies to our use of any and all data collected by us or provided by you in relation to your use of our website and services.

1. Definitions

In this privacy policy, the following definitions apply:

  • "Data" means all information that you provide to us via the website or our services
  • "Cookies" means small text files placed on your device when you visit our website
  • "The Digital Employee", "we", "us", or "our" refers to Purple Ohm Ltd (trading as The Digital Employee), a company registered in England and Wales (Company No: 11643197)
  • "User" or "you" means any person or organisation that accesses our website or uses our services
  • "Website" means thedigitalemployee.co.uk
  • "Services" means the AI readiness audits, consulting, and transformation services we provide

2. Scope of This Policy

This privacy policy applies only to the actions of The Digital Employee and users with respect to this website and our services. It does not extend to any websites that can be accessed from this website, including but not limited to any links we may provide to social media platforms, payment processors, or partner sites.

3. Data Controller

For purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, The Digital Employee is the "data controller" responsible for your personal data.

4. Data We Collect

We may collect the following data when you visit our website, complete a form, make a booking, or interact with our services:

  • Name and job title
  • Contact information including email address and telephone number
  • Organisation name, size, and sector
  • Assessment responses and PULSE audit data
  • Payment and billing information (processed securely via Stripe)
  • IP address (automatically collected)
  • Browser type and version (automatically collected)
  • Operating system (automatically collected)
  • Pages visited and referring URLs (automatically collected)

5. How We Use Your Data

Your data may be used for the following purposes:

  • Providing our AI readiness audit and consulting services
  • Generating your PULSE assessment reports and recommendations
  • Processing payments and maintaining financial records
  • Communicating with you about your services, bookings, and enquiries
  • Improving our website, products, and services
  • Sending promotional materials where you have opted in to receive them
  • Complying with legal and regulatory obligations

6. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: Processing necessary to perform our services for you
  • Legitimate interests: Processing necessary for our business operations, provided it does not override your rights
  • Consent: Where you have given explicit consent for specific processing (e.g., marketing communications)
  • Legal obligation: Processing required to comply with UK law

7. Data Retention

We retain your personal data only for as long as necessary:

  • Assessment data and reports: 3 years from completion, or longer if you remain an active client
  • Financial transaction records: 6 years (as required by UK law)
  • Marketing preferences: Until you withdraw consent
  • Website analytics: 26 months

8. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe: Payment processing (PCI-DSS compliant)
  • Cloudflare: Website hosting, security, and CDN
  • Supabase: Secure data storage (EU data centres available)
  • Google Analytics: Website usage analytics (anonymised)

Each service operates under their own privacy policy. We only share the minimum data necessary for them to provide their services.

9. International Data Transfers

Some of our third-party service providers may store data outside the UK or European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the ICO
  • Adequacy decisions where the destination country provides equivalent protection
  • Data processing agreements with appropriate security measures

10. Your Rights Under GDPR

Under UK GDPR, you have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data ("right to be forgotten")
  • Right to restrict processing: Request we limit how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for marketing
  • Rights related to automated decision-making: Not be subject to decisions based solely on automated processing

To exercise any of these rights, please contact us using the details below. We will respond to your request within one month. There is no fee for most requests, though we may charge a reasonable fee for manifestly unfounded or excessive requests.

11. Cookies

Our website uses cookies to enhance your experience. We use the following types:

  • Essential cookies: Required for core website functionality (no consent needed)
  • Analytics cookies: Help us understand how visitors use our site (consent required)
  • Preference cookies: Remember your settings and preferences

You can control cookie preferences through our cookie banner or your browser settings. Note that disabling certain cookies may affect website functionality.

12. Data Security

We implement appropriate technical and organisational measures to protect your data:

  • All data transmitted via HTTPS encryption
  • Secure data storage with access controls
  • Regular security reviews and updates
  • Staff training on data protection

While we take all reasonable precautions, no data transmission over the internet can be guaranteed 100% secure. You share data with us at your own risk.

13. Confidentiality

We treat all client data, including assessment responses, organisational information, and strategic insights, as strictly confidential. We will not disclose confidential information to third parties without your consent, except where required by law.

Aggregated, anonymised data may be used for research, benchmarking, or improving our services, but this will never identify you or your organisation.

14. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

15. Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: ico.org.uk
Phone: 0303 123 1113

16. Contact Us

For any questions about this privacy policy or to exercise your data rights, contact us:

Email: hello@thedigitalemployee.co.uk

Company: Purple Ohm Ltd (trading as The Digital Employee)
Company Number: 11643197
Registered Address: No. 1, CV8 2TD