SignalLine AI
Legal

Privacy Policy

How we collect, use, and protect personal data. Last updated 26 April 2026.

This Privacy Policy explains how SignalLine AI(“we”, “us”) processes personal data in connection with our website (https://signalline.io) and our AI voice agent services. It applies to visitors to our website, people who contact us, and individuals whose calls are handled by AI agents we operate on behalf of our customers.

We follow the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (“PECR”), as amended by the Data (Use and Access) Act 2025.

1. Who we are (data controller)

For data we collect through this website and from people who contact us directly, the data controller is Sparkline Consulting Ltd (trading as SignalLine AI), a company registered in England under company number 16269648, with its registered office at 78 Prospect House, Sun Passage, London SE16 4AF.

We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZC143411.

For personal data processed during AI voice calls placed or received on behalf of our customers, the customer business is the data controller and Sparkline Consulting Ltd acts as a data processor under their instructions.

For privacy questions or to exercise your rights, contact us at dmitri.dolgorukov@signalline.io.

2. What personal data we collect

2.1 Website visitors

  • Analytics (only with your consent): IP address, user-agent, page visited, referring page. Used to understand site usage. Retained for up to 30 days.
  • Chat widget (when you start a chat): the messages you send and the responses generated by our AI. We show an in-chat disclosure on first open before any message is sent. Stored for up to 90 days for support and quality purposes.
  • Strictly necessary cookies: a small cookie that records your cookie-banner choice so we can respect it on future visits.

2.2 People who contact us

  • Name, work email, company, phone number (optional), use case, and the content of your message — provided through our contact form or by email.

2.3 People whose calls are handled by our AI agents

  • Phone number, and any name, company, callback number or message you provide during the call. The conversation is processed in real time and a written transcript is retained for up to 90 days. The audio of the call is not recorded or stored.
  • For inbound calls, returning callers may be recognised by phone number and greeted accordingly.

3. Why we process this data and our legal basis

  • Running the website: legitimate interest in operating, securing, and improving the site.
  • Analytics: your consent under PECR Reg 6 and UK GDPR Art 6(1)(a). You can withdraw consent at any time using the cookie settings.
  • Chat widget: our legitimate interest in providing support and pre-sales information when you choose to start a chat. We show an in-chat disclosure on first open so you know your messages will be processed by a US-based AI sub-processor under UK Standard Contractual Clauses.
  • Replying to your enquiry: your consent and our legitimate interest in responding to people who contact us.
  • Marketing communications: your separate consent. We do not send marketing emails unless you have ticked the marketing-opt-in box.
  • AI voice calls handled for customers: we process this data on the customer’s instructions. The customer is responsible for the legal basis (typically prior consent for outbound and legitimate interest for inbound).

4. How calls are handled and disclosed

At the start of every AI-handled call we play a notice that the caller is speaking with an AI assistant and identify the business on whose behalf the call is being handled. The audio of the call is not recorded; the conversation is processed in real time, and a written transcript is retained for up to 90 days. Callers can ask to be transferred to a human at any point during the call.

5. Who we share data with (sub-processors)

We use a small number of vetted sub-processors covering AI language and speech services, SIP trunking and telephony media, transactional email, and EU/UK-based hosting. We have signed data processing agreements with each, and where transfers leave the UK we rely on UK Standard Contractual Clauses or equivalent approved transfer mechanisms.

We do not disclose the specific suppliers we use on this page. The current sub-processor list is provided to customers on request as part of their Data Processing Agreement, including the categories of data each sub-processor receives, the jurisdiction they operate in, and the transfer mechanism relied on. Email dmitri.dolgorukov@signalline.io to request the current list.

6. International transfers

Some sub-processors are located in the United States. We use UK Addendum to the EU Standard Contractual Clauses (or equivalent approved mechanism) for these transfers and maintain a transfer impact assessment. You can request a summary of these safeguards at dmitri.dolgorukov@signalline.io.

7. How long we keep data

  • Website analytics: 30 days.
  • Chat-widget conversations: 90 days.
  • Contact-form enquiries: kept for the duration of the related conversation plus 12 months.
  • Call transcripts: 90 days, automatically deleted thereafter. Audio of calls is not recorded or stored.
  • Captured contact details (name, callback number, email, reason for the call, where you provide them): up to 24 months from the call, then automatically deleted.
  • Call-log metadata (phone numbers dialled, timestamps, duration, outcome): up to 12 months, then automatically deleted.

8. Your rights

Under UK GDPR you have the right to:

  • Be informed about how we use your data (this policy).
  • Request a copy of the data we hold about you (access).
  • Have inaccurate data corrected (rectification).
  • Have your data deleted (erasure / right to be forgotten).
  • Restrict or object to processing.
  • Receive your data in a portable format (portability).
  • Withdraw consent at any time, where processing relies on consent.
  • Not be subject to a decision based solely on automated processing that has a legal or similarly significant effect. Where this applies, you can ask for human review.

To exercise any of these rights, email dmitri.dolgorukov@signalline.io. We will respond within one calendar month.

If your request relates to a call handled on behalf of a customer, we will pass the request to the customer (the controller) and assist them in responding.

9. Complaints

If you are unhappy with how we have handled your data you can complain to the UK Information Commissioner’s Office:

We would appreciate the chance to address your concerns first — please contact us before raising a formal complaint.

10. Cookies

See our Cookie Policy for details of every cookie set by this site, its purpose, and how long it lasts. You can change your cookie choices at any time using the cookie settings link in the footer.

11. Changes to this policy

We may update this policy from time to time. The date at the top reflects the most recent change. Material changes will be announced on the website.

12. Contact

Sparkline Consulting Ltd (trading as SignalLine AI)
78 Prospect House, Sun Passage, London SE16 4AF
Registered in England · Company No. 16269648
dmitri.dolgorukov@signalline.io

About this policy. This policy is provided in good faith and reflects our current processing. It is not a substitute for legal advice. We recommend reviewing it periodically and contact us if anything is unclear.

Call Thalia · +44 20 4511 4077