Privacy policy

This policy explains how Skim AI Limited (“Skim”, “we”, “us”) collects, uses, and protects personal data when you visit justskim.ai, book a demo, or otherwise interact with us. We act as a data controller for the personal data described below and process it in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Separate terms apply to personal data we process on behalf of customers within the Skim product. Where Skim AI Limited acts as a data processor for a customer, the relevant data processing agreement signed with that customer governs — not this policy.

1. Who we are

Skim AI Limited is a company registered in England and Wales under company number 15721840, with registered office at Allingham Court, 44 The Bishops Avenue, London, England, N2 0BA. You can contact us about this policy at justin@justskim.ai.

2. What data we collect

• Demo bookings: name, work email, company name, and any additional information you provide when you book a call via Calendly.
• Email correspondence: messages you send us, including any information you choose to share.
• Strictly necessary cookies: a minimal set required for the site to function, described in our Cookie Policy.

Skim is sold to businesses, not consumers. We do not knowingly collect personal data from anyone under 18.

3. Why we use it — lawful bases under UK GDPR

• To respond to demo requests and emails — Article 6(1)(b) UK GDPR (steps taken at your request prior to entering into a contract) and/or Article 6(1)(f) (our legitimate interest in running a B2B sales process you initiated).
• To send sales follow-ups — Article 6(1)(f) UK GDPR, relying on the “soft opt-in” under regulation 22(3) of the Privacy and Electronic Communications Regulations (PECR) where applicable. You can opt out at any time using the unsubscribe link in any email or by contacting us.
• To comply with legal obligations — Article 6(1)(c) UK GDPR (for example, tax, accounting, or responding to lawful requests).

4. How we use your data with AI

We do not use your personal data, your messages to us, or any customer data within the Skim product to train any AI or machine-learning model, whether our own or a third party’s. Customer data is not shared with other customers and is not made public.

5. Where your data is stored

We host data on Amazon Web Services (AWS), within European Union regions. AWS acts as our infrastructure sub-processor and is contractually bound to process personal data only on our instructions and in accordance with the UK GDPR and equivalent EU law.

6. Who we share data with

We do not sell personal data and we do not share it with advertisers or data brokers. We use a small number of vetted service providers as sub-processors to operate our business:

• Amazon Web Services (AWS) — hosting and storage of operational data.
• Calendly — demo scheduling (only personal data you submit through the booking form).
• HeyGen — AI-generated product video hosted on this site. When a HeyGen video is played, HeyGen and its own sub-processors (including Datadog for monitoring) may receive technical information such as your IP address, browser, and playback events under HeyGen’s privacy policy. We do not pass any name, email, or other identifier you have given us to HeyGen.

We may also disclose personal data where required by law, in response to a lawful request from a public authority, or to establish, exercise, or defend legal claims.

7. International transfers

Where we transfer personal data outside the United Kingdom or European Economic Area, we rely on one of the transfer mechanisms recognised under UK GDPR — the UK’s adequacy regulations, the UK International Data Transfer Addendum to the EU Standard Contractual Clauses, or the UK Extension to the EU–US Data Privacy Framework, depending on the recipient. We can provide a copy of the safeguards in place on request.

8. How long we keep it

• Demo enquiries and sales correspondence: kept while there is an active enquiry and for a reasonable period afterwards, and then deleted unless you become a customer.
• Records required for tax and accounting purposes: kept for at least six years after the end of the accounting period to which they relate, in line with HMRC requirements.
• Information you have asked us to keep (for example so we do not contact you again): kept for as long as needed to honour your request.

9. Your rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Have inaccurate data corrected.
• Have your data erased, where applicable.
• Restrict or object to processing, including processing based on legitimate interests.
• Receive your data in a portable, machine-readable format, where applicable.
• Withdraw consent at any time, where we rely on your consent.
• Not be subject to a decision based solely on automated processing that produces legal or similarly significant effects (we do not carry out any such automated decision-making on the marketing site).

To exercise any of these rights, email justin@justskim.ai. We will respond within one calendar month, in line with UK GDPR.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ico.org.uk), the UK’s data protection authority. We would, however, appreciate the chance to address your concern first.

10. Security

We protect personal data with technical and organisational measures appropriate to the risk, including encryption in transit (TLS) and at rest, least-privilege access controls, and regular review of who has access to what. Where we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where the risk is high, notify you directly without undue delay.

11. Changes to this policy

We will post material changes here and update the “last updated” date above. Continued use of the site after a change indicates acceptance of the revised policy.

12. Contact

Questions about this policy or how we handle your personal data: justin@justskim.ai.