Legal

Privacy Policy

Read the Genaima AI Privacy Policy, including how Genaima collects, uses, stores, shares, and protects personal data.

Effective date
19 June 2026
Last updated
19 June 2026

GENAIMA AI LTD, a company registered in England and Wales with company number 17138081 and registered office at 41 The Warren, Hounslow, England, TW5 0JW ("Genaima," "we," "us," or "our"), respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, share, and protect personal data when you visit our website, contact us, book an audit, join a waitlist, use our products, or engage with our AI advisory, implementation, automation, and workflow services.

If you have any questions about this Privacy Policy, you can contact us at:

Email: hello@genaima.ai

Company: GENAIMA AI LTD

Registered office: 41 The Warren, Hounslow, England, TW5 0JW

1. Scope of this Privacy Policy

This Privacy Policy applies when you:

  • visit or interact with our website;
  • complete a contact form, assessment, inquiry, or booking request;
  • book an AI audit, discovery call, workshop, or consultation;
  • join a product waitlist or subscribe to updates;
  • communicate with us by email, call, form, chat, or social media;
  • use any Genaima product, agent, dashboard, application, integration, API, or workflow layer that links to this Privacy Policy;
  • engage us for AI strategy, implementation, automation, integration, advisory, or support services.

Where we process personal data directly for our own business purposes, we usually act as a controller.

Where we process personal data on behalf of a customer as part of that customer's systems, workflows, integrations, automations, documents, tools, or internal operations, we usually act as a processor. In that case, the customer remains responsible for its own privacy obligations, and our processing is governed by the relevant customer agreement and, where required, a data processing agreement.

2. Personal data we collect

We may collect the following types of personal data depending on how you interact with Genaima.

Contact and identity information

This may include your name, email address, phone number, company name, job title, team, location, and other business contact details.

Business and consultation information

This may include information you provide during discovery calls, AI audits, workshops, assessments, proposal discussions, onboarding, or project delivery. This may include details about your business goals, workflows, tools, operations, pain points, internal processes, and technology environment.

Website and usage information

When you use our website or services, we may collect technical and usage data such as IP address, browser type, device type, pages visited, referring pages, timestamps, session activity, approximate location, and interaction data.

Waitlist and product interest information

If you join a product waitlist or register interest in Genaima Omni, Maya, or any related product, we may collect your name, email address, company, role, use case, and any preferences or notes you provide.

Account, product, and service information

If you use any Genaima product, platform, dashboard, workflow agent, API, integration, or client portal, we may collect login information, account details, usage logs, support requests, configuration data, prompts, instructions, files, outputs, and workflow activity.

Customer workflow data

When we provide services to customers, we may process data from connected systems such as documents, workflows, calendars, CRMs, email tools, communication platforms, project management tools, analytics systems, internal knowledge bases, or other business applications.

This data may include personal data about a customer's employees, contractors, clients, leads, suppliers, or other business contacts. In these situations, we usually process the data on the customer's instructions.

Payment, billing, and administrative information

Where relevant, we may process billing contact details, invoices, payment status, tax information, contract records, procurement details, and related administrative information.

Sensitive personal data

We do not intentionally request special category data through our public website, such as health data, biometric data, religious beliefs, political opinions, trade union membership, sexual orientation, or criminal offence data.

If a customer asks us to support workflows involving sensitive or regulated data, this must be handled under a specific customer agreement with appropriate safeguards.

3. How we collect personal data

We may collect personal data:

  • directly from you when you fill out forms, contact us, join a waitlist, book a call, or communicate with us;
  • during audits, workshops, onboarding, implementation, and support;
  • automatically through website analytics, cookies, logs, and similar technologies;
  • from our customers when they provide access to systems, workflows, documents, tools, or data;
  • from third-party platforms that you or a customer connect to our services;
  • from public or professional sources where lawful and relevant for business development, due diligence, or service delivery.

4. How we use personal data

We use personal data for the following purposes.

To respond to inquiries and manage relationships

We use personal data to respond to messages, book meetings, provide information, send proposals, manage commercial discussions, and maintain business relationships.

To provide audits, consulting, and implementation services

We use personal data to deliver AI audits, workshops, advisory work, implementation projects, workflow automation, systems design, onboarding, support, and related professional services.

To operate Genaima products and services

We use personal data to provide, maintain, secure, monitor, and improve any Genaima product, dashboard, agent, application, API, integration, or workflow layer.

To connect and support business systems

Where agreed with a customer, we may process data from connected tools, documents, workflows, meetings, communications, and business systems to help design, automate, analyse, or improve business operations.

To provide AI-assisted functionality

We may use AI systems to support tasks such as summarisation, drafting, classification, workflow routing, information retrieval, recommendations, reporting, anomaly detection, and operational assistance.

To improve our website and services

We use usage data, analytics, support feedback, and aggregated insights to understand how people use our website and services, improve performance, fix issues, and develop better user experiences.

To send updates and marketing communications

We may send product updates, company updates, educational content, event invitations, waitlist updates, or relevant business communications where permitted by law. You can opt out of marketing at any time.

To protect security and prevent misuse

We use personal data to detect, prevent, investigate, and respond to security incidents, misuse, fraud, unauthorised access, service abuse, and technical issues.

To comply with legal and business obligations

We may process personal data to comply with tax, accounting, legal, regulatory, reporting, dispute resolution, and contractual obligations.

5. Lawful bases for processing

We only process personal data where we have a lawful basis under applicable data protection law.

Depending on the context, we may rely on:

  • Contract: where processing is necessary to provide services, products, proposals, onboarding, support, or contractual obligations.
  • Pre-contractual steps: where you ask us to provide information, prepare a proposal, book an audit, or discuss a potential engagement.
  • Legitimate interests: where processing supports our business operations, service improvement, security, product development, customer support, or proportionate B2B communications, provided your rights do not override those interests.
  • Consent: where we rely on your consent, such as for certain cookies, marketing, or optional communications.
  • Legal obligation: where processing is necessary to comply with law, tax, accounting, regulatory, or legal process requirements.
  • Vital interests or public interest: only in rare cases where legally applicable.

6. AI-assisted processing

Genaima builds and supports AI-assisted systems, workflows, automations, and business infrastructure.

We may use AI tools and models to help with:

  • drafting and summarising information;
  • analysing business workflows;
  • classifying documents or tasks;
  • routing work between systems;
  • generating operational recommendations;
  • creating reports, dashboards, or workflow insights;
  • supporting internal service delivery;
  • improving system performance and user experience.

AI-generated or AI-assisted outputs may be incomplete, inaccurate, or require human review. We design our services to support human decision-making, not to remove human responsibility.

Unless we clearly state otherwise in a specific customer agreement or product notice, we do not intentionally use solely automated processing to make decisions about individuals that produce legal or similarly significant effects without meaningful human review and appropriate safeguards.

Unless separately agreed in writing, we do not use customer data submitted through customer environments to train third-party foundation models for general use.

7. Cookies and similar technologies

We may use cookies and similar technologies to operate our website, remember preferences, understand site usage, improve performance, and support analytics.

Some cookies may be essential for the website to function. Others, such as analytics or marketing cookies, may require consent depending on applicable law.

You can manage cookies through your browser settings and, where available, through our cookie banner or preference tool.

8. Marketing communications

We may send you updates about Genaima, our products, services, events, insights, or educational content where permitted by law.

You can unsubscribe from marketing emails at any time by using the unsubscribe link or contacting us at hello@genaima.ai.

Even if you opt out of marketing, we may still send service-related or transactional messages where necessary.

9. Sharing personal data

We do not sell personal data.

We may share personal data with:

  • cloud hosting, infrastructure, storage, and security providers;
  • email, communications, scheduling, CRM, analytics, and support tools;
  • AI model, automation, transcription, and workflow service providers;
  • payment, finance, accounting, tax, legal, and professional advisers;
  • contractors, consultants, or team members who need access to deliver services;
  • customers and authorised users where we process data in a customer-controlled environment;
  • regulators, courts, law enforcement, or public authorities where required by law;
  • buyers, investors, advisers, or successors in connection with a merger, acquisition, financing, restructuring, or sale of business assets.

Where we use service providers, we require appropriate confidentiality, security, and data protection safeguards.

10. International transfers

We may process or allow access to personal data from countries outside the UK.

Where this involves a restricted international transfer under applicable data protection law, we use appropriate safeguards where required, such as adequacy decisions, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, contractual safeguards, or another lawful transfer mechanism.

11. Data retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer period is required by law, contract, accounting rules, dispute resolution, security, or legitimate business needs.

Our usual retention approach is:

  • website inquiries, audit requests, and consultation records: up to 24 months after the last meaningful interaction;
  • waitlist and product interest records: until you unsubscribe, ask us to delete them, or the relevant product waitlist is closed and no longer needed;
  • marketing records: until you unsubscribe or we no longer need them for lawful business communication;
  • website analytics data: typically up to 14 months, depending on the analytics tool used;
  • technical logs and security records: typically between 30 days and 12 months, unless needed for security, investigation, or legal reasons;
  • contract, invoice, tax, and accounting records: typically up to 6 years;
  • customer project records: for the duration of the customer relationship and a reasonable period afterwards for support, legal, audit, and continuity purposes;
  • customer workflow data processed on behalf of customers: as set out in the relevant customer agreement or data processing agreement.

Where possible, we delete, anonymise, or securely archive personal data when it is no longer needed.

12. Security

We use technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

  • access controls and least-privilege permissions;
  • scoped service accounts and authentication controls;
  • encryption in transit and, where appropriate, at rest;
  • logging and monitoring;
  • secure development and operational practices;
  • confidentiality obligations for personnel and contractors;
  • vendor due diligence;
  • incident response procedures;
  • contractual data protection safeguards.

No system is completely secure. We cannot guarantee absolute security, but we work to protect data responsibly and proportionately.

13. Your rights

Depending on the circumstances and applicable law, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate or incomplete data;
  • request deletion of your personal data;
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • object to direct marketing;
  • request portability of certain data;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with the UK Information Commissioner's Office.

Some rights may not apply in every situation.

To exercise your rights, contact us at:

hello@genaima.ai

We may need to verify your identity before responding.

If your data is processed by Genaima on behalf of one of our customers, you should usually contact that customer first. We will support our customers in responding to lawful rights requests where required.

14. Complaints

If you are concerned about how we handle your personal data, please contact us first so we can try to resolve the issue.

You also have the right to complain to the UK Information Commissioner's Office.

15. Children

Our website and services are intended for business users and are not directed at children. We do not knowingly collect personal data from children through our public website.

If you believe a child has provided us with personal data, please contact us.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date on this page.

If we make material changes, we may provide additional notice where appropriate.

17. Contact us

GENAIMA AI LTD

Company number: 17138081

Registered office: 41 The Warren, Hounslow, England, TW5 0JW

Email: hello@genaima.ai