Privacy Policy

1. Introduction

INAGENTIC LTD (Company Number: 16702679) ("we", "us", or "our") operates FileDone.co.uk (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Registered Address:
16 Mill Road, Wolvercote
Oxford, England
OX2 8PR
United Kingdom

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

• Email Address: For account authentication and communication
• Company Information: Company names, registration numbers, and filing dates you add to track compliance
• Usage Data: Information about how you interact with our Service
• Reminder Preferences: Dates and preferences for compliance reminders

2.2 Automatically Collected Information

• Log Data: IP address, browser type, operating system, pages visited
• Cookies: See our Cookie Policy for detailed information
• Device Information: Device type, unique device identifiers

3. How We Use Your Information

We use your information for the following purposes:

• Service Provision: To provide and maintain our compliance tracking service
• Authentication: To verify your identity and secure your account
• Communications: To send you reminder emails, compliance alerts, and service updates
• Compliance Data: To fetch and display information from Companies House API
• AI Features: To provide AI-powered compliance assistance (data processed via AWS Bedrock)
• Service Improvement: To analyze usage patterns and improve our Service
• Legal Compliance: To comply with legal obligations and protect our rights

3.1 Legal Basis (GDPR)

We process your personal data based on:

• Consent: You have given explicit consent for email communications
• Contract: Processing is necessary to provide the Service you requested
• Legitimate Interest: Service improvement and fraud prevention

4. Data Storage and Security

4.1 Storage Location

Your data is stored:

• Local Storage: Some preferences stored in your browser
• AWS (EU Region): Data hosted in eu-west-1 (Ireland)
• Companies House API: Company data fetched in real-time from UK government sources

4.2 Security Measures

We implement:

• Encryption in transit (HTTPS/TLS)
• AWS infrastructure security controls
• Access controls and authentication
• Regular security updates and monitoring

5. Data Sharing and Third Parties

We share your data with:

• Companies House: To retrieve UK company compliance data
• AWS (Amazon Web Services): For hosting, email delivery (SES), and AI services (Bedrock)
• Anthropic: AI processing via AWS Bedrock (Claude models)

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

6. Your Rights Under UK GDPR

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for email communications at any time

To exercise these rights, contact us at: privacy@filedone.co.uk

7. Email Communications and Consent

We send emails only with your explicit consent:

• Magic Link Authentication: One-time login emails (essential for service)
• Reminder Emails: Only after you schedule them (requires explicit consent)
• Service Updates: Critical service announcements only

Unsubscribe: You can disable reminder emails at any time through your dashboard settings or by clicking unsubscribe links in emails.

8. Data Retention

We retain your data:

• Active Accounts: While your account is active
• After Account Deletion: Backup data retained for 30 days, then permanently deleted
• Legal Requirements: Some data may be retained longer if required by law
• Log Data: Retained for up to 90 days for security and debugging

9. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your data is processed within the UK and EU (Ireland). AWS provides adequate data protection safeguards compliant with UK GDPR requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights:

13. Supervisory Authority

If you have concerns about our data processing practices, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):