Legal

Privacy Policy

Last updated: March 2026

ProofPoints AI Limited ("ProofPoints", "we", "us", "our") is a company registered in England and Wales. We operate the ProofPoints platform at proofpoints.com and related subdomains.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, ProofPoints AI Limited is the data controller for personal data we process about you when you visit our website or use our platform.

If you have any questions about this policy or wish to exercise your rights, contact us at privacy@proofpoints.app.

Data we collect

We collect different categories of personal data depending on how you interact with us:

Account dataEmail address; your name if you provide it during signup or profile setup.

Usage dataPages and features you access, timestamps, actions taken within the platform, and session metadata.

Content dataCustomer stories, interview transcripts, recordings, and other materials you upload to or create within the ProofPoints platform.

Technical dataIP address, browser type and version, device type and operating system, referrer URL, and cookie identifiers.

CommunicationsEmails, form submissions, or messages you send us directly.

Marketing preferencesYour consent to receive communications from us and your preferences regarding those communications.

We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us immediately.

Why we process your data

UK GDPR requires us to have a lawful basis for processing personal data. We rely on the following:

Consent

Sending you marketing communications, newsletters, or product updates. You can withdraw consent at any time.

Contract

Providing the ProofPoints platform to registered users — creating accounts, processing login requests, and delivering the service.

Legitimate interests

Improving platform security, analysing usage patterns to improve the product, preventing fraud, and responding to enquiries. We balance these interests against your rights.

Legal obligation

Complying with applicable laws, including responding to lawful requests from authorities.

Who we share your data with

We do not sell your personal data. We share data only with third-party service providers who assist us in delivering the platform, including cloud hosting, email delivery, video processing, AI-assisted content generation, and analytics services. All providers are bound by written data processing agreements and are required to process data only on our instruction.

Where providers are based outside the UK, transfers are protected by Standard Contractual Clauses or an adequacy decision. A full list of sub-processors is available on request; contact privacy@proofpoints.app.

International data transfers

Some of our sub-processors are based outside the UK. Where we transfer data to countries without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO). Supabase processes data in Ireland, which benefits from an EU adequacy decision retained under UK law.

How long we keep your data

Account and profile dataActive account lifetime, plus 30 days after deletion request.

Story content and transcriptsActive account lifetime; deleted on request or account closure.

Marketing consent recordsUntil you withdraw consent, plus 1 year for audit purposes.

Platform logs and audit trails90 days.

Financial records7 years (UK legal requirement).

Cookies

We use cookies and similar tracking technologies on our website. Please see our Cookie Policy for full details on what cookies we use, why, and how to manage your preferences.

Your rights under UK GDPR

You have the following rights regarding your personal data. To exercise any of them, email privacy@proofpoints.app. We will respond within one calendar month.

AccessRequest a copy of the personal data we hold about you.

RectificationAsk us to correct inaccurate or incomplete personal data.

ErasureRequest deletion of your personal data ("right to be forgotten"), subject to legal obligations.

RestrictionAsk us to pause processing of your data in certain circumstances.

PortabilityReceive your personal data in a structured, machine-readable format.

ObjectObject to processing based on legitimate interests or for direct marketing.

Automated decisionsNot be subject to a decision made solely by automated processing where it significantly affects you.

Withdraw consentWithdraw any consent you have given at any time, without affecting the lawfulness of prior processing.

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

Information Commissioner's Office

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

ico.org.uk · 0303 123 1113

We would, however, appreciate the opportunity to address your concerns before you approach the ICO. Please contact us first at privacy@proofpoints.app.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified by email to registered users or by a prominent notice on our website. The "last updated" date at the top of this page will always reflect the current version. Continued use of the platform after changes constitutes acceptance of the updated policy.