Privacy Policy

Last Updated: 07-Feb-2026
Effective Date: 07-Feb-2026

This Privacy Policy describes the policies of Beyond Touch Ltd, 30 Main Road Toynton All Saints Spilsby, Lincolnshire, PE23 5AE, United Kingdom of Great Britain and Northern Ireland (the), email: info@beyondtouch.co.uk, phone: +44 1790 751238 on the collection, use and disclosure of your information that we collect when you use our website ( https://beyondtouch.co.uk/ ). (the "Service"). By accessing or using the Service, you are consenting to the collection, use and disclosure of your information in accordance with this Privacy Policy. If you do not consent to the same, please do not access or use the Service.

We may modify this Privacy Policy from time to time. When we make material changes, we will notify you by email and/or by posting a notice on our website at least 30 days before the changes take effect. The revised Policy will be effective 30 days from when the revised Policy is posted in the Service, unless otherwise stated. For minor changes (such as clarifications or formatting), we may implement updates immediately. Your continued use of the Service after any changes constitutes your acceptance of the revised Privacy Policy. We therefore recommend that you periodically review this page.

1. How We Use Your Information:

We will use the information that we collect about you for the following purposes:

  1. Marketing/ Promotional
  2. Creating user account
  3. Testimonials
  4. Processing payment
  5. Administration info
  6. Targeted advertising
  7. Manage customer order
  8. Service delivery and business consultancy (including use of AI tools to enhance analysis and recommendations - see Section 6 for details)
  9. Business intelligence and research (anonymized data only)

If we want to use your information for any other purpose, we will ask you for consent and will use your information only on receiving your consent and then, only for the purpose(s) for which you grant consent unless we are required to do otherwise by law.

AI-Assisted Processing: Where we use AI tools to assist in service delivery (see Section 6 for full details), we ensure:

  • Privacy-first configuration with model training disabled
  • Sensitive information is processed in Incognito Mode
  • Client confidentiality is maintained at all times
  • You can opt-out of AI-assisted service delivery upon request

2. Your Rights:

Depending on the law that applies, you may have a right to access and rectify or erase your personal data or receive a copy of your personal data, restrict or object to the active processing of your data, ask us to share (port) your personal information to another entity, withdraw any consent you provided to us to process your data, a right to lodge a complaint with a statutory authority and such other rights as may be relevant under applicable laws. To exercise these rights, you can write to us at info@beyondtouch.co.uk. We will respond to your request in accordance with applicable law.

You may opt-out of direct marketing communications or the profiling we carry out for marketing purposes by writing to us at info@beyondtouch.co.uk.

Do note that if you do not allow us to collect or process the required personal information or withdraw the consent to process the same for the required purposes, you may not be able to access or use the services for which your information was sought.

3. Cookies Etc.

To learn more about how we use these and your choices in relation to these tracking technologies, please refer to our Cookie Policy.

4. Security:

The security of your information is important to us and we will use reasonable security measures to prevent the loss, misuse or unauthorized alteration of your information under our control. However, given the inherent risks, we cannot guarantee absolute security and consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.

5. Grievance / Data Protection Officer:

If you have any queries or concerns about the processing of your information that is available with us, you may email our Grievance Officer at Beyond Touch Ltd, 30 Main Road Toynton All Saints Spilsby, email: info@beyondtouch.co.uk. We will address your concerns in accordance with applicable law.

6. Use of AI Tools and Data Processing:

Overview

Beyond Touch Ltd uses artificial intelligence (AI) tools, including Claude AI by Anthropic, Fathom AI for meeting transcription, and Microsoft Copilot for productivity enhancement, to enhance the quality and efficiency of our business consultancy services. We are committed to protecting your confidential information when using these tools.

What AI Tools We Use

We currently use the following AI tools to enhance our service delivery:

  • Claude AI (by Anthropic) - for business analysis, strategic planning support, document review, content creation, and research assistance
  • Fathom AI - for automated meeting transcription, note-taking, and meeting summaries
  • Microsoft Copilot (Microsoft 365) - for document creation, email drafting, data analysis within Microsoft applications

Other AI tools may be used from time to time to support our service delivery, and we will update this policy accordingly.

How We Protect Your Data When Using AI Tools

Claude AI:

  • Our Claude AI subscription is configured with model training disabled
  • We use Incognito Mode for processing sensitive client information
  • We maintain separate organizational boundaries (Projects) for different clients
  • Data retention: 30 days maximum (with training disabled), then deleted
  • Encryption in transit and at rest
  • No data used for AI model training (with our settings)

Fathom AI:

  • HIPAA, SOC 2 Type II, and GDPR compliant
  • Meeting recordings stored securely with encryption
  • Data is NOT used to train AI models (Anthropic, OpenAI, or Google sub-processors are contractually prohibited from using customer data for training)
  • Fathom uses de-identified customer data only to improve its own proprietary models
  • Meeting participants can see Fathom bot (visible for transparency)
  • Recordings deleted within 30 days of account deletion request
  • Important: We always obtain consent from all meeting participants before recording

Microsoft Copilot (Microsoft 365):

  • Covered by Microsoft's Data Protection Addendum (DPA) and Product Terms
  • Enterprise Data Protection when used with our business Microsoft 365 account
  • Prompts and responses NOT used to train foundation AI models
  • Data stays within Microsoft 365 service boundary
  • GDPR, ISO 27001, and HIPAA compliant (properly configured)
  • Data encrypted in transit and at rest
  • Access restricted by Microsoft 365 permissions (can only access what users can access)
  • Bing web search functionality disabled for enhanced privacy

Client data processed through AI tools is handled in accordance with our data protection obligations and UK GDPR requirements.

What Information May Be Processed

AI tools may be used to process:

  • Anonymized business scenarios and case studies
  • Strategic planning frameworks and business models
  • Market research and competitive analysis
  • General business advice and guidance
  • Document structuring and formatting
  • Meeting recordings and transcripts (with participant consent via Fathom)
  • Email drafts and document creation (via Microsoft Copilot within our secure Microsoft 365 environment)
What Information Is NOT Processed Through AI Tools

We do NOT process the following through AI tools:

  • Client names, contact details, or identifying information (unless anonymized)
  • Confidential financial data or commercially sensitive information
  • Personal data of your customers or employees
  • Proprietary business methodologies or trade secrets
  • Information subject to legal professional privilege or confidentiality agreements
Data Retention and Third-Party Processing

Claude AI:

  • Data transmitted securely to Anthropic's servers (encrypted in transit and at rest)
  • With model training disabled: data retained for 30 days maximum, then deleted
  • Incognito Mode conversations are never retained or used for training
  • May process data internationally (including United States) with Standard Contractual Clauses
  • Anthropic does not train AI models on our configured account data

Fathom AI:

  • Meeting recordings stored on secure cloud servers (encrypted)
  • Data processed in the United States with GDPR-compliant safeguards
  • Recordings deleted within 30 days of account deletion request
  • Sub-processors (Anthropic, OpenAI, Google) contractually prohibited from using data for training
  • You maintain control over meeting recordings and can delete them at any time
  • Meeting participants must provide consent before recording (legally required in UK and many jurisdictions)

Microsoft Copilot:

  • Data processed within Microsoft 365 service boundary
  • Encrypted in transit and at rest
  • Prompts and responses stored as part of Microsoft 365 data retention policies
  • Data stays within organization's Microsoft 365 tenant
  • Not used to train foundation AI models
  • May process data internationally but covered by Microsoft's EU Data Boundary commitments
  • Subject to Microsoft's Data Protection Addendum (DPA)
Your Rights

Regarding AI tool usage, you have the right to:

  • Request that we do not use AI tools for your specific project
  • Request details of what information (if any) has been processed through AI tools
  • Request deletion of any AI-processed data from our systems
  • Request copies of meeting recordings (Fathom) at any time
  • Decline to have your meetings recorded
International Data Transfers

All three AI providers process data internationally. When we use AI tools to process your information:

Claude AI (Anthropic):

  • Data may be transferred to and processed in the United States
  • Anthropic maintains Standard Contractual Clauses for GDPR compliance
  • Enterprise-grade encryption and security measures in place

Fathom AI:

  • Data processed and stored on servers in the United States
  • GDPR, SOC 2 Type II, and HIPAA compliant
  • Standard Contractual Clauses in place for international transfers
  • Passed extensive security reviews by Zoom and other platforms

Microsoft Copilot:

  • Data processed within Microsoft 365 global infrastructure
  • Covered by Microsoft's EU Data Boundary commitments
  • Data Protection Addendum (DPA) includes Standard Contractual Clauses
  • GDPR, ISO 27001, and ISO/IEC 27018 compliant
  • Can be configured to keep data within specific geographic boundaries if required

We ensure all third-party AI providers comply with UK GDPR requirements and maintain appropriate safeguards for international data transfers.

Our Commitments

Beyond Touch Ltd commits to:

  1. Only using AI tools where they genuinely enhance service quality
  2. Maintaining privacy-first configurations on all AI subscriptions
  3. Anonymizing or pseudonymizing data before AI processing wherever possible
  4. Using Incognito Mode or similar privacy features for sensitive client work
  5. Always obtaining explicit consent before recording meetings (legal requirement)
  6. Clearly identifying when AI recording bots are present in meetings (Fathom appears as visible participant)
  7. Regularly reviewing and updating our AI tool usage policies
  8. Providing transparency about our AI tool usage when requested
  9. Never allowing AI tools to make final decisions about your business without human review
  10. Maintaining separate data boundaries for different clients
  11. Ensuring all AI providers are GDPR compliant with appropriate safeguards
  12. Disabling web search features on AI tools to prevent data leakage outside secure boundaries (Microsoft Copilot Bing integration disabled)
Questions About AI Tool Usage

If you have questions or concerns about our use of AI tools, or wish to opt-out of AI-assisted service delivery, please contact us at:

  • Email: info@beyondtouch.co.uk
  • Phone: +44 1790 751238

We will always respect your preferences regarding AI tool usage in our service delivery.

Document Control

Policy Owner: Beyond Touch Ltd (Company No. 8488167)
Last Updated: February 2026
Next Review: August 2026
Version: 2.0
ICO Registration: ZA698564
Contact: info@beyondtouch.co.uk

Beyond Touch Ltd is committed to protecting your privacy in accordance with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)