Privacy Policy

Effective date: 24 April 2026

1. Who We Are

TimeCraft Advisory ("we", "us", "our") is a time-efficiency advisory practice. We are the data controller responsible for the personal data we collect and process. For any privacy-related enquiries, contact us at support@timecraftadvisory.com.

2. What Data We Collect

We may collect the following categories of personal data:

• Contact information: name, email address, phone number, job title, and organisation name provided when you book a session or contact us.
• Session data: information shared during your discovery session with Clara, our AI assistant, including details about your working patterns, tools, meetings, and time allocation.
• Technical data: IP address, browser type, and usage data collected automatically when you visit our website.
• Payment data: payment details are processed securely through our third-party payment provider. We do not store full payment card details on our systems.

3. How We Use Your Data

We use your personal data for the following purposes:

• To conduct your discovery session and generate your personalised efficiency report.
• To communicate with you regarding your booking, report delivery, and findings walkthrough.
• To process payments for our services.
• To improve our services and develop our advisory methodology.
• To comply with legal obligations.

4. AI Processing and Voice Recording

Your discovery session is conducted with Clara, an AI-powered voice assistant. Sessions are audio-recorded and automatically transcribed. The transcript is then processed using artificial intelligence tools to analyse your working patterns and generate efficiency recommendations. This processing is integral to our service and is carried out on the legal basis of contractual necessity.

AI-processed data is used solely for the purpose of producing your efficiency report. We do not use your session data to train AI models, and your data is not shared with any AI provider for their own purposes.

Your report is generated with AI assistance and reviewed by a human advisor before delivery. No decisions affecting you are made solely by automated means.

5. Legal Basis for Processing

For clients in the UK and European Economic Area, we process personal data on the following legal grounds under UK GDPR and EU GDPR respectively:

• Contract: processing necessary to deliver the advisory services you have engaged us for.
• Legitimate interests: improving our services and communicating relevant information to you.
• Legal obligation: complying with applicable laws and regulations.
• Consent: where you have given specific consent, for example to receive marketing communications.

For clients in the United States, we process your data as described in this policy in connection with the services you have requested. We do not sell your personal information as defined under the California Consumer Privacy Act (CCPA) or any comparable state privacy law.

6. Data Sharing

We do not sell, rent, or trade your personal data. We will never share your information with third parties for their marketing purposes.

We may share data with trusted service providers who assist us in delivering our services, such as payment processors, hosting providers, email delivery services, and voice session technology. Data is shared only to the extent necessary and under appropriate contractual protections.

We may also disclose data where required by law, regulation, or court order.

7. Data Retention

Session transcripts and recordings are retained for 90 days following the completion of your engagement, after which they are permanently and securely deleted. This 90-day window allows us to address any follow-up queries about your report.

Your efficiency report and contact details are retained for 12 months to support follow-up reviews and ongoing service delivery, unless you request earlier deletion.

You may request deletion of any or all of your data at any time by emailing support@timecraftadvisory.com. We will action all deletion requests within 30 days.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption of data in transit, access controls, and regular security reviews.

9. Your Rights

Depending on where you are located, you may have the following rights regarding your personal data:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Object to or restrict certain processing activities.
• Request a portable copy of your data.
• Withdraw consent at any time (where processing is based on consent).

These rights apply under UK GDPR, EU GDPR, and applicable US state privacy laws including the CCPA. To exercise any of these rights, contact us at support@timecraftadvisory.com. We will respond within 30 days.

10. Cookies

Our website uses the following types of cookies:

• Essential cookies: Required for basic site functionality, such as remembering your cookie consent preference. These do not require consent and cannot be declined.
• Analytics cookies: We use Vercel Analytics to understand how visitors use our site. This helps us improve the experience. Analytics cookies are only set if you click "Accept" on our cookie banner. If you decline, no analytics data is collected.

We do not use advertising cookies, social media tracking cookies, or any cookies that profile you for marketing purposes. We will never sell cookie data or share it with advertisers.

You can change your cookie preference at any time by clearing your browser's local storage for timecraftadvisory.com, which will cause the consent banner to reappear on your next visit.

11. International Transfers

Some of our service providers operate outside the United Kingdom and the European Economic Area, including in the United States. Where data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses, adequacy decisions, or equivalent protections as required by UK GDPR and EU GDPR.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any material changes will be posted on this page with an updated effective date. We encourage you to review this page periodically.

13. Complaints

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the relevant supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. In the EU, you may contact your local data protection authority. In the US, you may contact your state attorney general's office.

14. Contact

For any questions about this Privacy Policy or your personal data, please contact us at support@timecraftadvisory.com.