← Back to AskBiz

Privacy Policy

AskBiz Ltd · Effective date: 10 April 2026 · Last updated: 13 April 2026

1. Who We Are

AskBiz Ltd ("AskBiz", "we", "us") operates the AI-powered business intelligence platform at askbiz.co. We are the data controller for personal data processed through our platform.

Contact: privacy@askbiz.co · legal@askbiz.co

2. Data We Collect

Account data: Your name, email address, business type, and country when you register.

Usage data: Questions asked, files uploaded (metadata only — not content), features used, and session information.

Technical data: IP address hash (SHA-256 — raw IP never stored), browser type, and device information for fraud prevention and security.

Payment data: Processed entirely by Stripe. We never see or store your card details.

With your consent only — Financial data: If you opt in to financial data personalisation (see Section 6), we store aggregated financial metrics from your uploaded files.

3. How We Use Your Data

  • Providing and improving the AskBiz service
  • Authenticating your identity and securing your account
  • Processing your subscription payments via Stripe
  • Preventing fraud and abuse (IP hash analysis)
  • Sending service-related emails (account confirmations, billing receipts)
  • With your consent: personalising AI answers using your financial data
  • With your consent: improving AI accuracy using anonymised sector data

4. Legal Basis for Processing

Processing activityLegal basisRegulation
Account creation and authenticationContract performanceGDPR Art. 6(1)(b)
AI analysis of your uploaded dataContract performanceGDPR Art. 6(1)(b)
Fraud prevention via IP hashingLegitimate interestGDPR Art. 6(1)(f)
Payment processingContract performanceGDPR Art. 6(1)(b)
Financial data personalisationExplicit consentGDPR Art. 6(1)(a)
AI training and sector trendsExplicit consentGDPR Art. 6(1)(a)
Service improvement analyticsLegitimate interestGDPR Art. 6(1)(f)

5. Anonymised Upload Analytics

To improve AskBiz, we collect the following anonymised metadata when you upload files. This does not require separate consent as it falls under legitimate interest:

  • File type (CSV or Excel)
  • Number of rows and columns
  • Column header names only (e.g. "Revenue", "Stock") — never the data values
  • Your business type and country from your profile

We never store your actual data values, business names, customer records, or financial figures as part of standard analytics.

6. Financial Data — Consent-Based Processing

If you choose to enable financial data personalisation in Settings → Privacy, we store additional data to improve your AI experience. This processing is based entirely on your explicit, freely given consent which you can withdraw at any time.

Financial data personalisation (opt-in)

Stores aggregated financial metrics from your uploaded files to personalise AI answers and track your business trends over time.

✓ What is stored
Total revenue figures
Average margin percentages
Product category names
Stock level summaries
Product count
✗ Never stored
Individual customer data
Customer names or contacts
Bank account details
Employee information
Supplier names or contracts
Individual transaction records
AI improvement and sector trends (opt-in)

Uses fully anonymised, aggregated data to improve AI answer quality and generate sector trend alerts for businesses in your industry.

✓ What is stored
Anonymised sector averages
Industry trend indicators
Regional performance patterns
✗ Never stored
Any individually identifiable data
Your business name
Specific revenue figures
Any data from fewer than 5 businesses

Financial data is retained for 24 months then automatically deleted. You can delete it sooner at any time in the Privacy section of our website.

You can manage your consent settings at any time at askbiz.co/settings.

7. Sector Trend Alerts

When you consent to AI improvement, you may receive alerts about trends detected across businesses in your sector — for example "UK retail margins have declined 8% this month." These alerts are:

  • Fully anonymised — your business is never identifiable in any alert
  • Statistically protected — only generated when at least 5 businesses contribute to the signal
  • Sector-specific — you only receive alerts relevant to your business type and country
  • Not shared externally — sector trend data is never sold or shared with third parties

8. Data Sharing

We share your data only with the following processors, all bound by appropriate data processing agreements:

  • Supabase — database hosting (AWS EU West)
  • Anthropic — AI processing of your questions (USA — Standard Contractual Clauses apply)
  • Vercel — hosting and CDN (global edge)
  • Stripe — payment processing (PCI DSS Level 1)

We never sell your data. We never share your data with advertisers. We never share individual business data with other AskBiz users.

9. Data Retention

Data typeRetention periodDeletion
Account and profile data2 years after last activityAutomated
Uploaded files and parsed data12 monthsAutomated
Chat conversations12 months (or on request)User-controlled
Financial snapshots (consented)24 monthsAutomated or on request
Billing and payment records7 yearsLegal requirement
IP hash records12 monthsAutomated
Consent audit log3 yearsRequired for compliance
Deleted account data30-day grace periodPermanent after 30 days

10. Your Rights

Under UK GDPR, EU GDPR, and CCPA you have the following rights:

  • Right of access — Request a copy of all data we hold about you
  • Right to erasure — Request deletion of your account and all data (30-day grace period applies)
  • Right to rectification — Correct inaccurate data in your profile
  • Right to portability — Receive your data in a machine-readable format
  • Right to object — Object to processing based on legitimate interest
  • Right to withdraw consent — Withdraw consent for financial data and AI training at any time via Settings → Privacy
  • CCPA opt-out — We do not sell personal data. There is nothing to opt out of.

To exercise any right, email privacy@askbiz.co. We respond within 30 days.

11. Delete Your Account and Data

You can request deletion of your account and all associated data below. There is a 30-day grace period before permanent deletion to protect against accidental requests. You can cancel at any time during this period.

What gets deleted: Profile, conversations, uploads, financial snapshots, IP hashes, and all associated data. Billing records are retained for 7 years as required by law.

Deleting your account will permanently remove all your data after a 30-day grace period. You can cancel the request at any time during those 30 days.

Email privacy@askbiz.co

12. Cookies

AskBiz uses only essential cookies required for authentication. We do not use advertising cookies or third-party tracking cookies.

  • supabase-auth-token — Authentication session (essential, session duration)
  • sb-refresh-token — Keeps you signed in (essential, 1 week)

13. Changes to This Policy

We will notify you by email of any material changes to this policy at least 14 days before they take effect. Continued use of AskBiz after changes take effect constitutes acceptance of the updated policy.

Contact us
Privacy queries: privacy@askbiz.co
Legal matters: legal@askbiz.co
General: hello@askbiz.co
AskBiz Ltd, England and Wales