Close-up of a black sign with the words 'Privacy Please' and a Wi-Fi symbol, mounted on a wall.

Privacy Policy

Type of website: Company Website
Effective date: 6th day of May, 2026

This Privacy Policy applies to:

www.argylldev.com (the “Site”);
the ADD Platform;
APIs;
software;
hosted services;
and related services provided by Argyll Data Development Ltd (“ADD”, “we”, “us”, or “our”).

Argyll Data Development Ltd is the data controller for the purposes of applicable data protection laws and can be contacted at:

Email:info@argylldev.com

Address:
Argyll Data Development Ltd
Killellan Farm
Toward
PA23 7UJ

Purpose

The purpose of this Privacy Policy is to explain:

what personal data we collect;
how we use personal data;
the legal basis for processing personal data;
how personal data may be shared;
how we protect personal data;
international processing and infrastructure arrangements;
retention of personal data;
your rights under applicable data protection laws;
and our use of cookies and related technologies.

This Privacy Policy applies in addition to:

applicable website terms and conditions;
Platform Terms of Service;
Software and Platform Licence Agreements;
Acceptable Use Policies;
commercial agreements;
and related operational policies.

GDPR

ADD processes personal data in compliance with applicable data protection and privacy laws, including:

the UK General Data Protection Regulation (“UK GDPR”);
the Data Protection Act 2018;
and, where applicable, the European Union General Data Protection Regulation (EU) 2016/679 (“EU GDPR”).

ADD implements appropriate technical and organisational measures designed to protect personal data and support lawful, fair, and transparent processing.

ADD has not appointed a formal Data Protection Officer (“DPO”) because ADD does not currently fall within the categories of organisations required to appoint a DPO under Article 37 of the UK GDPR or EU GDPR.

Questions regarding data protection or privacy matters may be directed to:

Legal Basis for Processing

ADD processes personal data only where a lawful basis exists under applicable data protection laws, including the UK GDPR and, where applicable, the EU GDPR.

Depending on the nature of the interaction, ADD may rely on one or more of the following legal bases for processing personal data:

Consent

Where required, ADD processes personal data on the basis of user consent, including for:

non-essential cookies;
marketing communications;
or optional service features.

Users may withdraw consent at any time as described in this Privacy Policy.

Legitimate Interests

ADD may process personal data where reasonably necessary for legitimate business interests, provided such interests are not overridden by the rights and freedoms of individuals.

Legitimate interests may include:

operation and administration of the Site, Platform, and services;
infrastructure management and security;
fraud prevention and abuse detection;
service improvement and operational analytics;
customer support and communications;
system monitoring and performance optimisation;
and protection of legal rights and operational integrity.

Contractual Necessity

ADD may process personal data where necessary:

to take steps prior to entering into a contract;
to provide requested services;
to administer accounts;
to provide Platform or Software access;
or to perform obligations under applicable agreements.

Where required personal data is not provided, ADD may be unable to:

provide services;
create accounts;
process enquiries;
or fulfil contractual obligations.

Legal Obligations

ADD may process personal data where necessary to comply with:

applicable laws;
regulatory requirements;
lawful governmental requests;
court orders;
tax obligations;
export control requirements;
or other legal obligations.

Personal Data We Collect

ADD collects and processes personal data reasonably necessary for:

operation of the Site, Platform, Software, APIs, and related services;
account administration;
service delivery;
infrastructure management;
security and abuse prevention;
customer support;
legal and regulatory compliance;
and related operational and business purposes described in this Privacy Policy.

The categories of personal data we collect may vary depending on:

how users interact with the Site or services;
account and service configuration;
operational requirements;
and applicable legal or regulatory obligations.

ADD will not collect or process personal data beyond what is reasonably necessary for the purposes described in this Privacy Policy without an appropriate lawful basis or further notice where required by applicable law.

Data Collected Automatically

When users access or use the Site, Platform, Software, APIs, or related services, ADD may automatically collect certain technical, operational, and usage-related information, including:

IP address;
approximate geographic location derived from IP address;
browser type and version;
operating system and device information;
hardware and software configuration details;
authentication and session information;
API and service usage metrics;
pages, content, features, or resources accessed;
interaction and navigation data;
clicked links and referral information;
performance, diagnostic, and telemetry data;
and security and operational log information.

This information may be collected through:

cookies;
analytics tools;
server logs;
APIs;
authentication systems;
and operational monitoring technologies.

Automatically collected data may be used for:

operation and administration of the Site and services;
infrastructure management;
service optimisation;
performance monitoring;
security and abuse prevention;
analytics and operational reporting;
and legal or regulatory compliance.

Data Collected in a Non-Automatic Way

ADD may collect personal data directly from users when they:

submit enquiries;
create accounts;
register for services;
request information;
subscribe to communications;
use Platform or API services;
enter into commercial discussions;
or otherwise interact with the Site, Platform, Software, or related services.

Depending on the nature of the interaction, ADD may collect:

first and last name;
email address;
telephone number;
postal address;
company, institution, or organisation name;
account registration information;
billing or commercial contact information;
authentication or account credentials;
support or communication records;
and other information voluntarily provided by users.

Such information may be collected through:

website forms;
account registration processes;
API onboarding;
support requests;
email communications;
commercial engagement processes;
customer onboarding activities;
or other direct interactions with ADD.

How We Use Personal Data

ADD uses personal data only where reasonably necessary for the purposes described in this Privacy Policy and in accordance with applicable data protection laws.

Depending on the nature of the interaction, personal data may be used for:

operation and administration of the Site, Platform, Software, APIs, and related services;
account creation and authentication;
customer onboarding and account management;
provision of services and technical support;
responding to enquiries and communications;
administration of commercial relationships and contracts;
billing and payment administration;
infrastructure management and operational monitoring;
service optimisation and analytics;
security monitoring, fraud prevention, and abuse detection;
compliance with legal and regulatory obligations;
maintenance of operational integrity and service availability;
and related business and operational purposes.

Automatically Collected Data

Automatically collected technical and usage information may be used for:

website and Platform analytics;
performance monitoring;
infrastructure diagnostics;
operational reporting;
security and abuse prevention;
service improvement;
and management of Site and Platform functionality.

ADD may use third-party analytics and infrastructure providers, including:

website hosting providers;
analytics services;
operational monitoring providers;
and infrastructure support providers,

where reasonably necessary for operation of the Site and services.

Data Provided Directly by Users

Personal data voluntarily submitted by users may be used for:

responding to enquiries;
registering interest in services;
customer communications;
providing Platform or API access;
onboarding and support activities;
commercial engagement and account administration;
and delivery of requested services.

The Platform operates as an inference service only. Customer prompts, submitted content, and AI-generated outputs are not used for foundation model training unless expressly agreed otherwise in writing.

Who We Share Personal Data With

ADD may share personal data only where reasonably necessary for the purposes described in this Privacy Policy, including operation of the Site, Platform, Software, APIs, infrastructure, and related services.

Employees and Authorised Personnel

ADD may disclose personal data to:

employees;
contractors;
advisers;
operational personnel;
and authorised service providers,

who reasonably require access to personal data for:

service delivery;
account administration;
infrastructure management;
customer support;
security and abuse prevention;
operational monitoring;
legal compliance;
or related business and operational purposes.

All such persons are subject to appropriate confidentiality and security obligations.

Third-Party Service Providers

ADD may use third-party providers to support operation of the Site, Platform, Software, and related services, including providers of:

website hosting;
cloud and infrastructure services;
analytics and monitoring services;
authentication and security services;
customer communication systems;
payment processing;
operational support;
and technical service delivery.

Current providers may include:

Squarespace (website hosting and website services);
Google Analytics and related analytics services;
infrastructure and operational service providers;
and authorised technical support providers.

Categories of Data Shared

Depending on the nature of the services provided, ADD may share limited categories of personal data with authorised third-party providers, including:

IP address;
browser and device information;
operating system information;
usage and telemetry data;
authentication and session information;
contact and account information;
and operational or technical support data.

Purpose of Sharing

Personal data may be shared with authorised third parties for purposes including:

operation and maintenance of the Site and services;
infrastructure hosting and management;
analytics and service optimisation;
security monitoring and abuse prevention;
authentication and account management;
customer support and communications;
operational resilience and diagnostics;
and compliance with legal or regulatory obligations.

ADD does not sell personal data to third parties.

Third-party providers may access personal data only to the extent reasonably necessary to perform authorised services on behalf of ADD and are required to implement appropriate confidentiality and security protections.

Other Disclosures

ADD does not sell personal data to third parties.

ADD may disclose personal data where reasonably necessary:

to comply with applicable laws, regulations, court orders, lawful governmental requests, or regulatory obligations;
to establish, exercise, or protect legal rights or defend legal claims;
to investigate fraud, security incidents, abuse, or unlawful activity;
to protect the security, integrity, infrastructure, operations, customers, licensors, or services of ADD;
or in connection with a proposed or actual merger, acquisition, financing, restructuring, investment, or sale of all or part of ADD’s business or assets.

Where legally permitted and reasonably practicable, ADD will use commercially reasonable efforts to:

limit the scope of disclosure;
protect confidential information;
and notify affected individuals prior to disclosure.

Any recipient of personal data disclosed in connection with a corporate transaction shall be subject to appropriate confidentiality and data protection obligations.

The Site, Platform, Software, or related services may contain links to third-party websites, services, or resources. ADD is not responsible for the privacy practices, security, content, or policies of third-party sites or services and encourages users to review their applicable privacy policies separately.

How Long We Store Personal Data

ADD retains personal data only for as long as reasonably necessary for:

the purposes described in this Privacy Policy;
operation of the Site, Platform, Software, and related services;
account administration and customer support;
security, operational monitoring, and abuse prevention;
compliance with legal, regulatory, tax, accounting, and contractual obligations;
resolution of disputes;
and protection of legal rights and operational integrity.

Retention periods may vary depending on:

the nature of the data;
the purpose of processing;
operational requirements;
legal or regulatory obligations;
security considerations;
and applicable contractual arrangements.

Where personal data is no longer reasonably required, ADD will:

securely delete;
anonymise;
or otherwise dispose of the data in accordance with applicable legal and operational requirements.

In certain circumstances, ADD may retain limited information for longer periods where required for:

legal compliance;
regulatory obligations;
fraud prevention;
security investigations;
dispute resolution;
or protection of legal rights.

How We Protect Your Personal Data

ADD implements appropriate technical and organisational security measures designed to protect personal data against:

unauthorised access;
unlawful processing;
accidental loss;
destruction;
misuse;
disclosure;
alteration;
or damage.

Security measures may include:

industry-standard encryption technologies;
encryption in transit;
encryption at rest where applicable;
authentication and access controls;
infrastructure and network security protections;
monitoring and logging systems;
operational security controls;
and confidentiality obligations applicable to authorised personnel and service providers.

Access to personal data is restricted to:

authorised employees;
contractors;
infrastructure providers;
operational support personnel;
and service providers,

who reasonably require access for authorised operational, legal, security, or support purposes and who are subject to appropriate confidentiality and security obligations.

Customer prompts and AI-generated outputs are protected using industry-standard security controls and are not used for foundation model training unless expressly agreed otherwise in writing.

While ADD uses commercially reasonable efforts to protect personal data and maintain appropriate security safeguards, no method of internet transmission, electronic storage, or technical infrastructure can be guaranteed to be completely secure or free from unauthorised access, interruption, or failure.

Users provide information and use the Site, Platform, Software, APIs, and related services at their own risk to the extent permitted by applicable law.

Your Rights

Under applicable data protection laws, including the UK GDPR and, where applicable, the EU GDPR, individuals may have the following rights in relation to their personal data:

the right to be informed about how personal data is processed;
the right to access personal data;
the right to request correction of inaccurate or incomplete personal data;
the right to request erasure of personal data in certain circumstances;
the right to restrict or object to certain processing activities;
the right to data portability;
the right to withdraw consent where processing is based on consent;
and the right not to be subject to certain automated decision-making processes where applicable.

These rights are subject to:

applicable legal and regulatory limitations;
security and identity verification requirements;
and lawful operational, contractual, or compliance obligations.

Individuals also have the right to lodge a complaint with the relevant supervisory authority, including the UK Information Commissioner’s Office (“ICO”) where applicable.

Requests relating to personal data rights may be submitted using the contact details provided in this Privacy Policy.

Children’s Privacy

The Site, Platform, Software, APIs, and related services are not intended for use by children under the age of 16.

ADD does not knowingly collect, solicit, or process personal data from children under 16 years of age without appropriate lawful authority or parental consent where required by applicable law.

If ADD becomes aware that personal data has been collected from a child under 16 in circumstances where such processing is not permitted, ADD will use commercially reasonable efforts to:

delete the relevant personal data;
restrict further processing;
and take appropriate corrective measures.

Parents, guardians, or individuals who believe that personal data relating to a child may have been provided to ADD may contact ADD using the contact details set out in this Privacy Policy.

How to Access, Modify, Delete, or Challenge Personal Data

Individuals may request:

access to personal data;
correction of inaccurate or incomplete personal data;
deletion of personal data where applicable;
restriction or objection to certain processing activities;
or exercise any other applicable rights under the UK GDPR or other applicable data protection laws.

Requests relating to personal data may be submitted using the contact details below:

Peter Griffiths
Argyll Data Development Ltd
Killellan Farm
Toward
PA23 7UJ

Email: info@argylldev.com

ADD may require reasonable verification of identity before responding to requests relating to personal data or exercising applicable legal rights.

Certain rights may be limited where:

legal obligations apply;
retention is required by law;
security or operational integrity would be compromised;
or exemptions exist under applicable data protection legislation.