Decodefy

GDPR Statement

Data Controller: 8020 Marketing Systems Ltd (trading as Decodefy AI)
Company Number: 07046806
Registered Office: 125 High Road East, Felixstowe, Suffolk, IP11 9PS
Email: info@decodefy.ai
Telephone: +44 7401 330074

Introduction

At Decodefy AI, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and UK data protection law. This statement outlines how we collect, process, store, and protect your personal data when you use our AI marketing chat platform for generating marketing content.

Data We Collect

We may collect and process the following personal data:
- Account information (name, email address, company details)
- Usage data related to our platform
- Marketing content generated through our services
- Search and browsing data when using our research tool
- Payment information where applicable
- AI-generated images and associated metadata

Purpose of Processing

We process your personal data for the following purposes:
- Providing and maintaining our AI marketing chat platform
- Enhancing and personalizing your user experience
- Processing transactions and managing your account
- Analyzing usage to improve our services
- Communicating with you about your account or our services
- Complying with legal obligations

Legal Basis for Processing

We process your data based on:
- Performance of our contract with you
- Your explicit consent
- Our legitimate business interests
- Legal requirements

Data Storage and Security

Your data is stored securely using our technology suppliers, including AWS, Qdrant, Google Cloud, MongoDB Atlas, and Vercel. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

All data is processed and stored within the United Kingdom in accordance with UK data protection laws.

AI-Generated Images

Images generated on our platform are stored with long, obscure filenames, making them extremely difficult to discover without the direct URL. While these images are technically accessible if someone has the exact URL, the complexity of our naming system provides a high degree of practical privacy.

Important: You should not upload sensitive or confidential information to our image generation features, as we cannot guarantee absolute privacy for generated images.

Third-Party Processors

We work with the following technology suppliers who may process your data:
- AWS, Google Cloud, MongoDB Atlas, Vercel (infrastructure and hosting)
- Qdrant (vector database)
- OpenAI, Anthropic, Together AI (AI services)
- Ideogram (image generation)
- Twilio (communications)
- Clerk (authentication)

All our suppliers have been selected for their commitment to data protection compliance and security standards.

Your Rights

Under GDPR and UK data protection law, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with the Information Commissioner's Office (ICO)

International Transfers

As a UK-based company, your data is primarily processed within the United Kingdom. Should we transfer data internationally, we ensure appropriate safeguards are in place to protect your data, such as Standard Contractual Clauses or adequacy decisions.

Data Retention

We retain your personal data according to the following schedule:

- Active accounts: Data retained while your account is active
- Inactive accounts: Automatically deleted after 24 months of inactivity
- Marketing content and AI generations: Deleted 30 days after account closure
- Payment records: Retained for 7 years in accordance with UK tax law requirements
- Support communications: Retained for 3 years from the date of last contact

You may request earlier deletion of your data by exercising your right to erasure.

Changes to This Statement

We may update this GDPR Statement from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new statement on our website or by email notification.

Contact Information

If you have any questions about this GDPR Statement or our data practices, or if you wish to exercise your data protection rights, please contact our Data Protection Officer:

Data Protection Officer: James Cooke
Company: 8020 Marketing Systems Ltd (trading as Decodefy AI)
Address: 125 High Road East, Felixstowe, Suffolk, IP11 9PS
Email: info@decodefy.ai
Telephone: +44 7401 330074

Supervisory Authority: Information Commissioner's Office (ICO)
Website: https://ico.org.uk

Last updated: April 9, 2025