This Privacy Policy explains how AutomateIn1Day Ltd ("we", "us", "our") collects, uses, stores, and shares your personal data when you visit automatein1day.com or engage us as a client. We are the data controller for the purposes of UK GDPR and the Data Protection Act 2018.
1. Who we are
AutomateIn1Day Ltd. A UK-based studio. Contact: hello@automatein1day.com. We do not employ a dedicated Data Protection Officer (not required under UK GDPR for an organisation of our size) — data requests go to the contact email above.
2. What data we collect
- Site analytics: Aggregated, privacy-first metrics via Plausible and Cloudflare Web Analytics (page views, referrer, country, browser). No cookies, no cross-site tracking, no personal identifiers.
- Contact form / email: Name, email, and any details you choose to share when you email us, book a call, or submit a contact form.
- Client engagement data: Business information, credentials for tools you authorise us to access, and conversation history relating to work we do for you.
- Booking data: Via Cal.com — name, email, timezone, and any fields you complete on their booking form.
3. How we use it
- Responding to your enquiries and delivering services you've engaged us for.
- Improving the site and understanding which content works (aggregated analytics only).
- Sending service-related communications during active engagements.
- Legal compliance (invoicing records, tax).
We do not send marketing emails without explicit opt-in, and we do not sell, rent, or share your data with third parties for marketing.
4. Third parties we use
Your data is processed by a small set of trusted sub-processors, all of whom are GDPR-compliant:
- Cloudflare (hosting, DNS, CDN, analytics) — US/global, Standard Contractual Clauses in place.
- Plausible Analytics — EU-hosted, cookieless analytics.
- Resend (transactional email) — US-based, SCC.
- Cal.com (booking) — EU-hosted.
- Google Workspace (email, calendar) — SCC.
- Anthropic / OpenAI (AI model providers, only for the live AI demo on the home page) — US-based, data not used to train models on our API tier.
5. Client data (active engagements)
When we build automations for you, your client data remains on your infrastructure (your Google Workspace, your CRM, your n8n instance). We access it under a Data Processing Agreement (DPA) available on request. We do not pool client data on our servers.
6. Cookies
This site uses no tracking or marketing cookies. We use privacy-first analytics that operate without cookies. No consent banner is displayed because there is nothing to consent to.
7. Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you.
- Request correction or deletion.
- Object to or restrict processing.
- Data portability.
- Withdraw consent (where processing is based on consent).
- Complain to the Information Commissioner's Office (ico.org.uk).
Exercise any of these by emailing hello@automatein1day.com. We respond within 30 days.
8. Retention
- Analytics data: aggregated and retained up to 24 months.
- Contact form enquiries: up to 24 months or until you ask us to delete them.
- Active client data: for the duration of the engagement + 12 months.
- Invoicing records: 7 years (UK statutory requirement).
9. International transfers
Some sub-processors operate outside the UK. Transfers are covered by the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU SCCs, or an adequacy decision. Details on request.
10. Changes to this policy
Material changes will be dated at the top of this page. The current version supersedes all prior versions. Continued use of the site after changes constitutes acceptance.
11. Contact
Data protection enquiries: hello@automatein1day.com.