Back to legal bundle

Bundle version: 2026-03-24-placeholder-v1

Placeholder legal document

Privacy Policy

This is a structured placeholder privacy policy for Mind Matrix designed to support UK GDPR and EU GDPR aligned operations while fuller legal review is completed.

Scope

  • This policy covers tenant account data, lead data, support data, customer enquiry data, job-related information, media, attachments, usage telemetry, and security telemetry processed through Mind Matrix.

Controller and processor roles

  • Mind Matrix acts as controller for tenant lead generation, billing, support interactions, platform account identity, and administrator security records.
  • Mind Matrix acts as processor for tenant customer enquiry data, media, attachments, and job-related data handled through the platform on the tenant’s behalf.
  • Tenants remain responsible for the lawful basis, transparency, and use of their customer communications and job records.

Data categories

  • Account and admin identity data: names, emails, phone numbers, authentication state, support access records, and acceptance records.
  • Tenant business data: organisation profile, package, configuration, branding, channels, and operational settings.
  • Customer and enquiry data: names, phone numbers, email addresses, site addresses, job descriptions, message history, attachments, notes, and linked customer records.
  • Telemetry and service data: messaging events, AI usage, upload sizes, host usage, security logs, and operational diagnostics.

Purposes

  • To operate the service, route enquiries, manage authentication, deliver messages, classify and summarise enquiries, store attachments, support customer workflows, monitor usage, and provide support and security.
  • To comply with legal obligations, investigate abuse, protect the service, and improve reliability and commercial operations.

Rights and cooperation

  • Mind Matrix will support tenants with reasonable requests relating to access, correction, deletion, export, and objection where Mind Matrix acts as processor.
  • Where Mind Matrix acts as controller, Mind Matrix will handle rights requests directly in line with applicable law.
  • Tenants must cooperate when a data subject request relates to tenant customer data handled through the platform.

International transfers and subprocessors

  • Mind Matrix uses third-party processors that may store or process data outside the UK or EEA.
  • International transfers will rely on the relevant contractual and provider safeguards available at the time, including standard contractual clauses or equivalent measures where required.
  • Current subprocessors are disclosed separately to tenants through the tenant legal bundle and operational onboarding materials.

Security and incidents

  • Mind Matrix applies commercially reasonable security measures appropriate to the service stage and hosting model.
  • Mind Matrix will investigate material security incidents and notify affected tenants where required by applicable law or contract.

Retention principles

  • Data is retained only for as long as reasonably needed for service delivery, security, support, legal compliance, billing, and dispute handling.
  • Exact retention windows are not finalised in this placeholder version and will be formalised in a later versioned policy update.