Privacy Policy

1. Who We Are

Heimdell Tech AI is a company registered in England and Wales (Company Number 16478408). ICO Registration Number: ZC079121. We operate as a managed post-sale compliance verification service for UK telecom resellers under the brand name "The Silver Protocol".

Data Controller: Heimdell Tech AI
Contact: Andrew James-Smith
Email: andrew@remoteability.org
Phone: +44 7414 909674

2. What Data We Collect

We may collect and process the following categories of personal data:

2.1 Data collected directly from you

• Name, email address, telephone number (when you contact us or request a consultation)
• Business name and role

2.2 Data collected through our service (The Silver Protocol)

• Customer identity verification data (name, address, date of birth)
• Direct Debit mandate details
• Voice recordings of verification calls
• SMS and email delivery logs with timestamps
• Compliance certificate data

2.3 Data collected automatically via this website

• IP address, browser type, device information
• Pages visited and time spent on pages
• Referral source

3. Legal Basis for Processing

We process personal data under the following legal bases as defined by UK GDPR:

• Legitimate interests (Article 6(1)(f)) — to provide our compliance verification service and to operate our business
• Contractual necessity (Article 6(1)(b)) — to fulfil our service obligations to clients
• Legal obligation (Article 6(1)(c)) — to comply with Ofcom regulations, Consumer Contracts Regulations 2013, and other applicable UK law
• Consent (Article 6(1)(a)) — where explicitly given, for example when subscribing to communications

4. How We Use Your Data

We use personal data for the following purposes:

• Providing and managing The Silver Protocol compliance verification service
• Generating compliance certificates and audit trails for our clients
• Responding to enquiries and providing consultations
• Improving our website and services
• Complying with legal and regulatory obligations

5. Data Sharing

We do not sell personal data. We may share data with:

• Our clients (telecom reseller agencies) — as part of the managed compliance service, including compliance certificates and verification records
• Telecom providers — when compliance evidence is required for audit purposes, at the direction of our client
• Service providers — trusted third parties who assist in operating our service (e.g., hosting, CRM integration), bound by data processing agreements
• Legal authorities — where required by law or regulation

6. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected:

• Verification records and voice logs: retained for a minimum of 6 years in line with regulatory best practice and limitation periods under UK law
• Website analytics data: retained for up to 26 months
• Contact enquiry data: retained for up to 2 years after last communication

7. Your Rights

Under UK GDPR, you have the following rights:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your data (subject to legal retention requirements)
• Right to restrict processing — request limitation of how we use your data
• Right to data portability — request your data in a machine-readable format
• Right to object — object to processing based on legitimate interests

To exercise any of these rights, contact us at andrew@remoteability.org. We will respond within one calendar month.

8. Cookies

This website does not currently use cookies for tracking or advertising purposes. If this changes, this policy will be updated and a cookie consent mechanism will be implemented.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction. This includes encrypted storage, access controls, and regular security reviews.

10. International Transfers

We do not routinely transfer personal data outside the United Kingdom. If a transfer becomes necessary, we will ensure appropriate safeguards are in place in accordance with UK GDPR.

11. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.