Privacy Policy

1

Introduction

PAT BuddAI 4U ("we", "us", or "our") is committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PAT testing platform and services.

                            ℹ️
                            About Our Commitment
                        

We are fully compliant with the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, and other applicable data protection laws. We implement industry-leading security measures to protect your data.

By using PAT BuddAI 4U, you agree to the collection and use of information in accordance with this policy. We process personal data as a Data Controller under UK data protection laws.

2

Data We Collect

We collect several types of information for various purposes to provide and improve our service to you.

Personal Data

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you:

Data Category	Examples	Purpose
Account Information	Name, email, phone number, company details	Account creation and management
Professional Data	Qualifications, certifications, PAT tester ID	Compliance verification
Client Data	Client contact details, business addresses	Service delivery and invoicing
Testing Data	Equipment details, test results, photos	Compliance documentation
Financial Data	Billing addresses, payment information	Payment processing

Usage Data

We may also collect information on how the service is accessed and used:

IP address and browser type
Device information and operating system
Pages visited and time spent on pages
Unique device identifiers
Crash reports and performance data

                            🔒
                            Sensitive Data
                        

We do not collect or process sensitive personal data (special category data) unless absolutely necessary for service delivery. Any such data is protected with enhanced security measures.

3

How We Use Your Data

We use the collected data for various purposes:

To provide and maintain our service - Ensuring proper functionality and availability
To notify you about changes - Service updates, maintenance, or policy changes
To allow participation in interactive features - When you choose to use them
To provide customer support - Responding to your requests and inquiries
To gather analysis or valuable information - For service improvement
To monitor service usage - Detecting and preventing technical issues
To detect, prevent, and address technical issues - Security and reliability
To provide compliance documentation - Generating certificates and reports
To fulfill legal obligations - Regulatory requirements and compliance

                            ⚖️
                            Legal Basis for Processing
                        

We process your personal data under the following legal bases:

Contractual necessity - To provide the services you request
Legal obligation - To comply with regulatory requirements
Legitimate interests - For service improvement and security
Consent - Where you have given clear consent

4

Data Protection & Security

The security of your data is important to us. We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.

Security Measures

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access control and multi-factor authentication
Network Security: Firewalls, intrusion detection, and DDoS protection
Physical Security: Secure data centers with 24/7 monitoring
Regular Audits: Security assessments and penetration testing
Employee Training: Regular data protection training for all staff
Backup & Recovery: Regular backups and disaster recovery plans

                            ⚠️
                            Data Retention
                        

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, or reporting requirements. Typical retention periods:

Account data: 7 years after account closure
Testing records: 7 years (compliance requirement)
Financial records: 7 years (legal requirement)
Inactive accounts: 2 years before deletion

5

Data Sharing & Third Parties

We do not sell, trade, or rent your personal data to third parties. We may share your data in the following limited circumstances:

Service Providers

We may employ third-party companies and individuals to facilitate our service, provide the service on our behalf, or assist us in analyzing how our service is used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Legal Requirements

We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

Business Transfers

In the event of a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different Privacy Policy.

                            🤝
                            Data Processing Agreements
                        

All third-party service providers sign Data Processing Agreements (DPAs) that comply with UK GDPR requirements. We regularly audit our vendors to ensure compliance with data protection standards.

6

Your Data Protection Rights

Under UK data protection laws, you have the following rights regarding your personal data:

Right	Description	How to Exercise
Right to Access	Receive a copy of your personal data	Submit a Subject Access Request
Right to Rectification	Correct inaccurate or incomplete data	Update in account or contact us
Right to Erasure	Request deletion of your data	Submit a deletion request
Right to Restrict Processing	Limit how we use your data	Contact our Data Protection Officer
Right to Data Portability	Receive your data in a usable format	Request portable format
Right to Object	Object to certain processing	Opt-out in settings or contact us
Right to Withdraw Consent	Withdraw consent at any time	Update preferences or contact us

                            ⏱️
                            Response Times
                        

We will respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, we may extend this period by a further two months. We will notify you of any extension within one month of receiving your request.

To exercise any of these rights, please contact our Data Protection Officer using the contact details at the end of this policy.

10

Contact Us

If you have any questions about this Privacy Policy, please contact us:

📧

General Inquiries

privacy@patbudai4u.com

For general privacy questions

👨‍💼

Data Protection Officer

dpo@patbudai4u.com

For data protection requests

📞

Telephone

+44 (0)800 123 4567

Mon-Fri 9am-5pm GMT

📮

Postal Address

Data Protection Officer
PAT BuddAI 4U Ltd
123 Safety Street
London EC1A 1BB
United Kingdom

                            ⚖️
                            Regulatory Authority
                        

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Contact details:

ICO Helpline: 0303 123 1113

ICO Website: ico.org.uk

📋 Table of Contents