Privacy Policy
Last updated: 23 May 2025
1 Who We Are
S4W L.L.C‑FZ, licence no. 2529741, designs and operates bespoke AI solutions for businesses worldwide. We are a data controller for information collected via our website and prospecting; we act as a data processor when we handle client‑provided data inside a project.
2 What Data We Collect
| Category | Examples | Source |
|---|---|---|
| Business Contact Data | Name, email, phone, job title | You |
| Project Data | System exports, call recordings, logs | You / systems you authorise |
| Usage Data | IP address, browser type, pages viewed | Your device |
| Cookie Data | Session ID, analytics cookies | Cookies banner consent |
We do not intentionally collect special‑category data unless you put it in Project Data.
3 Why & How We Use Data
| Purpose | Legal Basis (UK/EU) | Details |
|---|---|---|
| Provide & improve AI solutions | Contract | Build, deploy, test and refine deliverables in line with the SOW |
| Run our website & analytics | Legitimate interest | Keep site secure, spot abuse, measure engagement |
| Marketing (B2B only) | Legitimate interest or consent | Occasional product emails; opt‑out any time |
| Compliance & legal | Legal obligation | Tax, accounting, sanctions‑screening |
4 International Transfers
Where we transfer personal data from the UK/EU to the UAE or elsewhere, we rely on Standard Contractual Clauses plus supplementary measures (encryption, access controls, least‑privilege design).
5 Data Retention
| Data Type | Default Retention | Notes |
|---|---|---|
| Website logs | 12 months | Pseudonymised after 3 months |
| Marketing lists | Until you opt‑out | We keep minimal suppression data to honour opt‑outs |
| Project Data | As set out in the relevant SOW | Typically deleted or returned ≤ 60 days post‑termination |
We may keep copies as required by law (e.g., tax records for 6 years).
6 Security Measures
- Encryption in transit & at rest (AES‑256 / TLS 1.2+)
- Role‑based access controls & MFA
- Annual penetration testing & quarterly vulnerability scans
- Secure‑coding practices & code reviews
- Staff NDAs and mandatory privacy training
7 Your Rights (UK/EU & UAE PDPL)
Access, rectification, erasure, objection, restriction, data portability, withdraw consent, lodge a complaint (ICO / relevant DPA). Email hello@s4w.com. We respond within 30 days.
8 Cookies
We use:
- Essential – site functionality
- Analytics – Google Analytics (IP‑anonymised)
- Functionality – remember preferences
Manage via the cookie banner or your browser settings.
9 Third‑Party Tools
We use trusted service providers—including Vercel (hosting), Google Analytics (analytics), and OpenAI (LLM inference)—plus other telephony and AI-processing partners. Each has its own privacy notice; we vet providers for ISO 27001 or equivalent controls.
10 Changes to This Policy
We'll post updates here and change the "last updated" date. Material changes → 14 days' advance email notice.
11 Contact
hello@s4w.com | Meydan Grandstand, 6F, Nad Al Sheba, Dubai, UAE