How we handle data.

The short version

1. Customer data stays with the customer. Proprietary datasets, eval evidence, specialist model weights, and deployment state live inside your environment. They do not flow to Agentsia unless you explicitly share them under a separate agreement.
2. We collect the minimum on our website. Page analytics, a contact-form email address, the text of your message. No cross-site tracking, no advertising pixels, no third-party session replay.
3. We never sell data. Not yours, not visitors', not anyone's.
4. You can ask us to delete what we hold. Email the address on the left. We respond within thirty days.

The detail

1. What this document covers

This policy describes how Agentsia Ltd processes personal data (a) collected through this website and (b) received during the course of a professional-services engagement or platform-licence relationship. It does not cover data you process using the Modelsmith platform inside your own environment, because we do not have access to that data.

2. Website visitors

When you visit our site we may collect: your IP address, your browser user-agent, the pages you request, and the approximate timing of those requests. We use this information only to understand how the site is used, diagnose technical problems, and protect against abuse. We do not use advertising pixels, we do not sell this data, and we do not combine it with data from any third-party source.

If we add analytics tooling in future we will prefer self-hosted or privacy-preserving options (for example, Plausible or a similar log-based analytics service) that do not require consent banners under GDPR.

3. Contact forms and email

When you email us or use the contact form we receive whatever you choose to send us, including your name, email address, organisation, and the text of your message. We process that information to respond to your enquiry, to prepare commercial proposals, and to follow up where relevant. The lawful basis is our legitimate interest in conducting business and responding to prospective customers; where we enter into a contract, the basis becomes performance of that contract.

4. Customer data during an engagement

Agentsia's operating model is deliberately designed so that your proprietary data does not leave your environment. During an engagement we may receive: the identities of your project stakeholders, shared documents you choose to send us, derivative evaluation artefacts we jointly create, and metadata about the platform's health and performance. We do not receive your raw training data, your model weights, your production outputs, or your customer records unless you explicitly and separately agree to share them.

Where we process personal data on your behalf during an engagement, we act as a processor under Article 28 of the UK GDPR and will enter into a data-processing agreement with you on request.

5. How long we keep data

Website access logs are kept for up to ninety days for security and operational purposes. Contact-form submissions and email correspondence are kept for as long as the commercial relationship remains live, or seven years after the last interaction, whichever is shorter, and are then deleted. Contractual records are kept for the longer of six years after contract end or any statutory retention period we are subject to.

6. Sharing

We do not sell data. We disclose personal data only to service providers acting strictly on our instructions (for example, our email provider), to professional advisers bound by confidentiality, or where we are required to by law.

7. International transfers

Our servers and operating environment are hosted inside the United Kingdom and the European Economic Area wherever practical. Where any international transfer occurs we rely on the UK International Data Transfer Agreement or EU Standard Contractual Clauses, as appropriate.

8. Your rights

Under the UK GDPR you have the right to: access the personal data we hold about you, have inaccurate personal data corrected, have personal data deleted in certain circumstances, object to or restrict our processing, and receive your personal data in a portable format. To exercise any of these rights, contact privacy@agentsia.ai. You also have the right to complain to the UK Information Commissioner's Office at ico.org.uk.

9. Changes to this policy

We will update this document when our practices change in any material way, and the effective date on the left will move forward. Material changes will be described in a changelog at the bottom of this page over time.

Privacy policies are rarely the most interesting thing a company publishes. Ours is short because we decided not to need the data that would make it long.