Privacy Policy

How Qted handles data.

Qted is a product of Spykra Technologies UK Ltd. This policy explains what we collect, why we collect it, and how we protect it in line with UK GDPR.

Last updated: 9 May 2026

This Privacy Policy describes how Spykra Technologies UK Ltd ("we", "us", "our") collects, uses, and discloses your personal information when you visit our website, use our app panel, or interact with our public booking pages (collectively, the "Services"). We are committed to protecting your privacy and ensuring the security of the data entrusted to us, in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

Spykra Technologies UK Ltd is the data controller for the processing of your personal data. Our registered office is located at 86-90 Paul Street, London, EC2A 4NE, England. For any privacy-related inquiries, please contact us at [email protected].

2. Information We Collect

A. Information You Provide Directly

  • Account Registration: When you create a tradesperson account, we collect your name, business name, email address, phone number, business address, and professional credentials (e.g., Gas Safe registration numbers).
  • Profile Information: We store the content you upload to your public profile, such as service descriptions, photos of your work, portfolio items, and blog posts.
  • Communication: When you contact our support team, we keep a record of the correspondence to assist with your inquiry.

B. Information Collected from Third Parties

  • Social Sign-In: If you choose to log in using Google, Apple, or Meta (Facebook), we receive a unique token and basic profile information (name and email) from these providers.
  • Payment Processing: We integrate with Stripe for billing. While we do not store full credit card numbers, we receive payment status, last four digits of the card, and Stripe-specific identifiers (Customer ID, Connect ID).

C. Information Collected Automatically

  • Technical Logs: We collect IP addresses, browser types, device information, and operating system details to ensure platform security and optimize performance.
  • Usage Data: We track how you interact with the Platform, including features used, pages visited, and time spent on the Services.

D. Customer Data (Lead and Booking Management)

When your customers interact with your booking page, we collect their name, email, phone number, and details of their job request. In this context, Qted acts as a Data Processor on your behalf. You, as the tradesperson, are the Data Controller for your customers' information.

3. How We Use Your Information

We process your data for the following purposes:

  • Service Delivery: To provide core features like AI-assisted quoting, booking management, and profile hosting. (Legal basis: Contract performance).
  • Business Operations: To manage your subscription, process payments via Stripe, and send billing notifications. (Legal basis: Contract performance).
  • Communications: To deliver automated notifications to you and your customers via WhatsApp (Meta), SMS (Twilio), and Email (Postmark). (Legal basis: Legitimate interest).
  • Platform Security: To detect, prevent, and investigate fraudulent activity or security breaches. (Legal basis: Legitimate interest).
  • Product Improvement: To analyze usage trends and enhance our AI models and user interface. (Legal basis: Legitimate interest).
  • Legal Compliance: To comply with tax, accounting, and regulatory requirements in the UK. (Legal basis: Legal obligation).

4. Data Sharing and Disclosure

We do not sell your personal data. We share your information only with trusted third-party service providers necessary to deliver our Services:

  • AWS (Amazon Web Services): For secure cloud hosting and database management in the UK and Ireland.
  • Stripe: For all payment processing and Connect account management.
  • OpenAI: For processing voice recordings and text to generate structured quotes.
  • Meta (WhatsApp): For delivering automated notifications to tradespeople and customers.
  • Google/Apple: For social authentication and calendar synchronization features.
  • Postmark/Twilio: For delivering email and SMS communications.

5. AI Processing and Voice Recordings

When you record a voice note for AI quote generation, the audio file is temporarily stored on our secure AWS S3 servers. It is then sent to OpenAI for transcription and parsing. Voice recordings are automatically deleted from our servers within 24 hours of successful processing. OpenAI does not use data submitted via their API to train their models.

6. International Data Transfers

While we prioritize storing data within the UK and EEA, some of our providers (such as OpenAI and Meta) process data in the United States. We ensure that such transfers are protected by Standard Contractual Clauses (SCCs) or other legally recognized adequacy mechanisms to ensure your data remains protected to UK standards.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with Services. We also retain and use your information as necessary to comply with our legal obligations (e.g., 6 years for tax records), resolve disputes, and enforce our agreements.

8. Your Data Protection Rights

Under UK GDPR, you have the following rights:

  • The right to access: You can request copies of your personal data.
  • The right to rectification: You can request that we correct any information you believe is inaccurate.
  • The right to erasure: You can request that we erase your personal data under certain conditions.
  • The right to restrict processing: You can request that we restrict the processing of your personal data.
  • The right to object to processing: You can object to our processing of your personal data.
  • The right to data portability: You can request that we transfer the data we have collected to another organization.

To exercise any of these rights, please contact us at [email protected].

9. Security

We implement robust technical and organizational measures to protect your data, including encryption in transit (SSL/TLS), encryption at rest, and strict access controls. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

10. Cookies

We use cookies and similar technologies to track activity on our Services and hold certain information. For detailed information, please refer to our Cookie Policy.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact and Complaints

If you have any questions about this Privacy Policy, please contact us at [email protected]. If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.