Privacy Policy

1. Who We Are

 

EchoBI is a business intelligence consultancy based in the UK. We help organisations unlock value from their data and prepare for intelligent transformation through analytics, insights, and strategic guidance.Website: https://www.echobi.ioEmail: hello@echobi.ioWe are the "data controller" for the personal data you share with us.Contact &

 

Data Controller Organisation:

 

EchoBI Ltd (Company No. 16436014)

 

Registered office: Tower House, Northumberland Street, Alnwick, Northumberland, NE66 1LT, United Kingdom

 

Email: hello@echobi.io

​

 

2. What Personal Data We Collect

​

We only collect what we need to provide our services, respond to enquiries, and improve your experience. This may include:Contact details: Name, email address, phone numberBusiness information: Company name, job title, sector, business challengesWebsite usage data: Pages visited, time on site, browser type (via analytics tools)Project data: If you become a customer, we may store business intelligence and consultation informationData understanding requirements: Details about your current data setup and readiness for intelligent solutionsCommunication data: Messages sent via our contact forms or emailWe do not collect sensitive personal data (such as health, biometric, or political information), and we will never sell your data to third parties.

 

3. How We Use Your Data

 

We use your data to:Respond to enquiries about our servicesDeliver business intelligence and transformation servicesProvide strategic guidance and project supportSend occasional updates and insights (if you opt in)Analyse website usage to improve your experienceProcess and respond to your messages, sometimes using AI-powered tools to enhance quality and speedAutomated Processing & Profiling:We do not use your data for automated decision-making or profiling that has a legal or significant effect on you.

​

4. Legal Basis for Processing

 

We rely on the following lawful bases under UK GDPR:Consent: Where you have given explicit permission (e.g., marketing emails)

 

Contract: When processing is necessary to deliver or discuss our servicesLegitimate interests: For improving the website, internal reporting, and business development (always balanced against your rights)

 

5. Who We Share Your Data With

 

We only share your data with trusted third-party service providers who help us run our business. This may include:Website hosting and analytics providers

 

Email and CRM platforms (if you subscribe to updates)Payment or invoicing systems (if you engage our services)

Secure data storage and backend services (e.g., Supabase)

Communication and productivity tools (including AI-powered tools such as OpenAI)

Our providers process your data under our instructions and strict contractual terms.

 

Both Supabase and OpenAI have strong data protection measures and comply with relevant privacy regulations.

 

6. International Data Transfers

Some of our providers are based outside the UK (such as in the United States). When your data is transferred internationally, we ensure it is protected through:UK-approved Standard Contractual Clauses

 

Providers participating in frameworks such as the UK Extension to the EU-U.S. Data Privacy FrameworkRobust contracts and risk assessments

 

We only work with services that meet the standards required by UK data protection law.

 

7. How Long We Keep Your Data

 

We keep your data only as long as necessary for each purpose:

 

Data Type

Retention PeriodEnquiry/contact form12 months after last contactClient consultation data6 years (for accounting/legal obligations)

 

Newsletter sign-ups

Until you unsubscribeAnalytics dataUp to 26 months (depending on provider)

 

AI processing dataProcessed temporarily, not stored long-termWhen data is no longer needed, we securely delete or anonymise it.

 

8. Your Rights

Under UK GDPR, you have rights regarding your personal data:

 

Access: Request a copy of your data

Correction: Fix inaccurate or incomplete data

Erasure: Ask for your data to be deleted

Objection: Object to certain processing, especially for marketing

Withdrawal of consent: At any time, if we rely on it

Data portability: Request your data in a reusable format

To exercise any of these rights, email us at hello@echobi.io.

 

9. Cookies

We use cookies to:

Make our site work properly (strictly necessary)

Understand how visitors use our site (analytics)

Remember your preferences for business intelligence content

Some cookies are set by third-party services.

 

You can manage your cookie preferences any time via our cookie banner or your browser settings.

 

10. Data Security

We take security seriously. We use technical and organisational measures such as encryption, access controls, and secure cloud infrastructure to protect your data.While no system is 100% secure, if we ever suspect a data breach, we will act quickly and notify you (and regulators, where required).

 

We regularly review our processes and train our team on data protection and security.

 

11. Changes to This Privacy Notice

We may update this Privacy Notice to reflect changes in the law or our services. When we do, we will update the "last updated" date at the top of this page.

 

12. Contact Us

Have questions, concerns, or want to know more about how we handle your data?

 

hello@echobi.io

 

If you are not happy with how we handle your data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):https://ico.org.uk/make-a-complaint.

 

 

This Privacy Notice was designed to be clear, accessible, and fair. If you think we can do better, let us know!