Privacy Policy

This Privacy Policy describes how personal data is collected, used, and disclosed by Enthron AI Ltd. ("Enthron", "we", "us", or "our") in connection with our website at enthron.ai, platform, APIs, and related services (collectively, the "Services").

By accessing or using the Services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy. This policy explains what information we collect, how we use it, how we share it, and the rights you have regarding your personal data.

Enthron AI Ltd is registered in England and Wales under company number 16695816, with its registered office at 167–169 Great Portland Street, 5th Floor, London, W1W 5PF.

We may collect and process the following categories of personal data:

• Registration information: name, email address, username, and password provided when creating an account. Where Single Sign-On (SSO) is used via Google OAuth, we may receive certain account information from the provider, including name, email address, language preference, and profile picture, in accordance with the authorisation procedures of those providers.
• Payment information: transactional data provided in connection with purchases. Payments are processed via Stripe. We do not store credit card numbers. For Stripe's privacy practices, see stripe.com/privacy.
• Technical information: IP address, browser type, device information, and usage data collected during use of the website and Services.
• Communication data: records of interactions with us via contact forms, emails, or other correspondence channels.
• Customer Data: any personal or business data you submit to the Services for processing or analysis.

• To deliver the Services in accordance with our Terms of Service.
• To communicate with you and respond to enquiries.
• To manage invoicing, payments, and accounting.
• To maintain security, prevent fraud, and comply with legal obligations.
• To analyse and improve our Services, including AI outputs and usage statistics.

We process personal data only where we have a valid lawful basis under UK GDPR, which may include:

• You have provided consent.
• Processing is necessary to provide the Services or manage our contract with you.
• Processing is required to comply with legal obligations.
• Processing is necessary for our legitimate business interests that do not override your rights.

We may share your data with:

• Service providers, including cloud hosting, email, analytics, and accounting platforms.
• Professional advisors, including accountants, auditors, and insurers.
• Regulators or public authorities where legally required.

We do not sell your data to third parties.

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit and at rest, access controls, and secure cloud infrastructure. No system can guarantee absolute security, and you acknowledge that use of the Services involves inherent risk.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with applicable legal obligations, resolve disputes, and enforce agreements.

Under UK GDPR, you have the right to:

• Access personal data we hold about you.
• Request corrections if your data is inaccurate or incomplete.
• Request deletion of your data ("right to be forgotten").
• Restrict or object to processing in certain circumstances.
• Request a portable copy of your data or ask us to transfer it to another organisation.

To exercise any of these rights, contact us at contact@enthron.ai. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you are dissatisfied with our handling of your data.

We use cookies and similar tracking technologies to enhance your experience on our website and analyse usage patterns. You may manage cookie preferences through your browser settings. Detailed information is provided in our Cookies Policy.

Most personal data processed through the Services is stored and handled within the United Kingdom. Certain data—specifically payment information—may be transferred outside the UK via our third-party payment provider, Stripe. We ensure that any such transfers comply with UK data protection laws and include appropriate safeguards, such as Standard Contractual Clauses or equivalent mechanisms.

Our Services may integrate with third-party tools or platforms. Any personal data shared with third parties is subject to their respective privacy policies, and we are not responsible for their data practices.

The Services are not intended for use by children. We do not knowingly collect personal data from individuals under the age of 13. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such information promptly.

We may update this Privacy Policy periodically. When we do, we will update the "Last Updated" date at the top of this document. Continued use of the Services after any changes constitutes acceptance of the updated policy.

For any questions or concerns about this policy, please contact us: