Privacy Policy
Outhour Ltd (“Outhour”, “we”, “us”) provides an AI admin assistant for UK tradespeople. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Outhour Ltd is the data controller for the personal data we process about you. You can contact us at hello@outhour.co.uk.
2. What data we collect
- Account details: your name, business name, email address and phone number.
- Communications: WhatsApp, SMS and call messages routed through Outhour, including transcripts of voice messages.
- Job details: customer enquiries, addresses, quotes, calendar bookings and any notes you add.
- Billing data: subscription plan and limited payment metadata (full card details are handled by our payment processor and never reach our servers).
- Technical data: IP address, device, browser, and basic usage analytics needed to operate and secure the service.
3. How we use your data
We process your personal data to:
- Provide the Outhour service — answering messages, qualifying jobs, sending quotes, and booking work on your behalf.
- Authenticate you, secure your account, and prevent abuse.
- Take payment and manage your subscription.
- Send service-related emails (e.g. receipts, important changes).
- Improve the product and our AI workflows, using data minimisation and pseudonymisation where practical.
- Comply with our legal obligations.
Our lawful bases are: performance of a contract (to deliver the service), legitimate interests (to secure and improve the service), consent (for optional marketing), and legal obligation (e.g. tax, accounting).
4. Third parties we share data with
We use carefully selected processors to deliver Outhour. They only process data on our instructions and under contract:
- Twilio — WhatsApp, SMS and voice call delivery.
- Anthropic (Claude) — AI message understanding and reply generation.
- Supabase — database, authentication and file storage.
- Stripe — subscription billing and payment processing.
- Mailchimp — transactional and marketing emails.
Some of these providers are based outside the UK. Where personal data is transferred internationally, we rely on UK adequacy regulations or the UK International Data Transfer Addendum to the EU Standard Contractual Clauses to ensure your data remains protected.
5. Data retention
- Account data is kept for as long as your account is active.
- Conversation and job history is kept for up to 24 months after your last activity, then deleted or anonymised.
- Billing records are kept for 7 years to comply with UK tax law.
- If you close your account, we delete or anonymise personal data within 30 days, except where we are required to retain it.
6. Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request erasure (“right to be forgotten”).
- Restrict or object to processing.
- Receive your data in a portable format.
- Withdraw consent at any time, where consent is the basis for processing.
- Lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
To exercise any of these rights, email hello@outhour.co.uk. We will respond within one month.
7. Security
We use industry-standard technical and organisational measures — including encryption in transit, role-based access controls, and regular backups — to protect your data.
8. Changes to this policy
We may update this policy from time to time. Material changes will be notified by email or in-app before they take effect.
9. Contact
Questions about this policy or your data? Email hello@outhour.co.uk.