Privacy Policy

Last updated: 6 May 2026

1. Who we are

This website (aiprojectfixers.com) is operated by AI Project Fixers Ltd, a private limited company registered in England and Wales (company number 16245447), with its office at STEAMhouse, Belmont Row, Birmingham, United Kingdom, B4 7RQ.

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, AI Project Fixers Ltd is the data controller for personal data collected through this website and through our client engagements.

If you have any questions about this Privacy Policy or how we handle your personal data, contact us at [email protected].

2. The personal data we collect

We only collect personal data that we need to operate the website, respond to enquiries, and deliver our services. The categories of data we may collect are:

  • Contact data — name, email address, company name, and any other information you choose to send us when you contact us by email or through any form on the site.
  • Engagement data — information you share with us about your project, codebase, systems, or team during a client engagement.
  • Technical data — IP address, browser type and version, device type, time-zone, operating system, and similar information automatically logged by the web server and any analytics or security services we use.
  • Usage data — pages visited, links clicked, time on page, referrer, and similar information about how you interact with the website.

We do not knowingly collect personal data from children. The website is not directed at people under 16.

3. How we use your personal data and our lawful basis

We process your personal data only when we have a lawful basis under UK GDPR to do so. The lawful bases we rely on are:

  • Legitimate interests — to operate the website, respond to enquiries, keep records of our business communications, secure our systems, and improve our services.
  • Performance of a contract — to deliver the services we have agreed to provide to a client, including invoicing and project communications.
  • Consent — where required for non-essential cookies and similar technologies (see our Cookie Policy).
  • Legal obligation — where we are required to retain or disclose data to comply with a legal or regulatory requirement (for example, accounting and tax records).

4. Who we share your data with

We do not sell your personal data and we do not share it with third parties for their own marketing purposes. We share personal data only with carefully selected service providers who help us operate the website and run our business, including:

  • Web hosting and content delivery providers.
  • Email and productivity providers used to receive and reply to your correspondence.
  • Accounting, legal, and professional advisers, where reasonably needed.
  • Government, regulatory, or law-enforcement bodies, where we are required to do so by law.

All of our processors are bound by appropriate data-processing terms that require them to keep your data secure and to use it only for the purposes we instruct.

5. International transfers

Some of our service providers may process personal data outside the United Kingdom. Where this happens, we make sure that an appropriate safeguard is in place — for example, an adequacy decision recognised by the UK Government, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses.

6. How long we keep your data

We keep personal data only for as long as we need it for the purpose we collected it for, plus any period we are required to keep it for by law. As a guide:

  • Enquiry correspondence — typically up to 24 months from the last contact, then deleted unless an engagement begins.
  • Client engagement records — for the duration of the engagement and for up to 7 years after, in line with our accounting and tax obligations.
  • Server, security and analytics logs — usually no more than 12 months.

7. How we keep your data secure

We take appropriate technical and organisational measures to protect your personal data — including encryption in transit (HTTPS), strong access controls, separation of administrative and client environments, and a “least access” approach to who on our side can see what.

No system is perfectly secure. If we ever become aware of a personal-data breach that affects you, we will notify you and the Information Commissioner’s Office (ICO) where required by law.

8. Your rights

Under UK GDPR you have the following rights in relation to your personal data:

  • The right to be informed about how we use your data.
  • The right to access the personal data we hold about you.
  • The right to have inaccurate or incomplete data corrected.
  • The right to ask us to delete your data (“right to be forgotten”) in certain circumstances.
  • The right to restrict or object to certain types of processing.
  • The right to data portability.
  • The right to withdraw consent at any time, where we are relying on consent.

To exercise any of these rights, email [email protected]. We aim to respond within one calendar month.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we are not handling your data correctly. The ICO’s website is ico.org.uk.

9. Changes to this policy

We may update this Privacy Policy from time to time. The date at the top of the page shows when it was last updated. Material changes will be highlighted on the website where reasonably possible.

Analytics & Google Analytics 4

We use Google Analytics 4 (measurement ID G-2VLHPHKM0E) to understand how visitors find and use the website. The data we receive from Google Analytics is aggregate and pseudonymised; we do not see individual identities.

  • Lawful basis: consent (UK GDPR Art. 6(1)(a)). Analytics tags only fire after you accept analytics cookies on the banner.
  • Data processed: pseudonymous client identifier, anonymised IP address, page URLs viewed, referrer, approximate location (country/region), device and browser information, session duration.
  • Processor: Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (with onward transfer to Google LLC under the EU–US Data Privacy Framework and the UK extension).
  • Retention: 14 months in Google Analytics, after which user-level data is automatically deleted; aggregated reports are kept indefinitely.
  • IP anonymisation: enabled by default. We do not enable Google Signals or remarketing audiences.
  • Withdrawal: open the cookie settings link in our footer to revoke consent at any time, or use Google’s browser opt-out add-on.

For full details on how cookies and similar technologies are used on this site, see our Cookie Policy.