MaiaLabsMAIALABS

Privacy Policy

Last updated: 5 May 2026

1. Who we are

Maia Labs LTD is a company registered in England and Wales. We are the data controller responsible for your personal data processed through this website and our services.

Contact: info@maialabs.net

2. What data we collect

We may collect and process the following personal data:

  • Identity data: name, job title, company name.
  • Contact data: email address, phone number, postal address.
  • Technical data: IP address, browser type and version, time zone, operating system, and platform.
  • Usage data: pages visited, time spent on pages, navigation paths, and referral sources.
  • Communication data: messages you send us via contact forms, email, or telephone, including call recordings where our AI Receptionist service is in use and you have been informed at the start of the call.
  • Transaction data: payment details, purchase history, and billing information processed through our payment provider.

3. How we collect your data

We collect data through:

  • Direct interactions: when you fill in forms, contact us, subscribe to our services, or correspond with us.
  • Automated technologies: cookies, server logs, and analytics tools as you interact with our website.
  • Third parties: analytics providers, payment processors, and advertising networks.

4. Lawful basis for processing

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we rely on the following lawful bases:

  • Consent: where you have given clear consent for us to process your personal data for a specific purpose (e.g. marketing emails).
  • Contract: where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
  • Legitimate interests: where processing is necessary for our legitimate interests (e.g. improving our services, fraud prevention) and your interests and fundamental rights do not override those interests.
  • Legal obligation: where we need to comply with a legal or regulatory obligation.

5. How we use your data

We use your personal data to:

  • Provide and manage our AI services (AI Receptionist, Custom AI Agents, Business Automation, Data Analytics, Website Design, and Vertical AI Solutions).
  • Process payments and manage your account.
  • Communicate with you about your account, services, and support requests.
  • Send marketing communications where you have opted in.
  • Improve our website, products, and services.
  • Comply with legal and regulatory obligations.

6. AI-specific data processing

Our AI services process data to deliver functionality such as call handling, appointment booking, and workflow automation. Key points:

  • Call recordings are stored securely and retained for a maximum of 90 days unless you request earlier deletion.
  • AI models are trained on aggregated, anonymised data. Your individual business data is not used to train models shared with other customers.
  • Customer data processed by our AI agents is isolated per client in separate containers with dedicated memory.
  • No automated decision-making with legal or similarly significant effects is carried out without human oversight.

7. Data sharing

We may share your data with:

  • Service providers: hosting, payment processing, analytics, and communication providers who process data on our behalf under data processing agreements.
  • Professional advisers: lawyers, auditors, and insurers where necessary.
  • Regulatory bodies: HMRC, the ICO, or other authorities where required by law.

We do not sell your personal data to third parties.

8. International transfers

Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including UK International Data Transfer Agreements (IDTAs) or transfers to countries with adequate data protection standards as determined by the UK Secretary of State.

9. Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Typical retention periods:

  • Account data: duration of your contract plus 6 years (for tax and legal compliance).
  • Call recordings: 90 days.
  • Marketing data: until you unsubscribe or withdraw consent.
  • Website analytics: 26 months.

10. Your rights

Under UK GDPR you have the right to:

  • Access your personal data (Subject Access Request).
  • Rectify inaccurate or incomplete data.
  • Erase your data (right to be forgotten) where there is no compelling reason for continued processing.
  • Restrict processing in certain circumstances.
  • Data portability — receive your data in a structured, commonly used format.
  • Object to processing based on legitimate interests or direct marketing.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at info@maialabs.net. We will respond within one month.

11. Cookies

Our website uses cookies to distinguish you from other users and improve your experience. You can set your browser to refuse cookies, but some features may not function properly. For details, see our cookie settings on this website.

12. Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS) and at rest, access controls, regular security assessments, and incident response procedures.

13. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Telephone: 0303 123 1113

14. Changes to this policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.