Privacy Policy

1. Who We Are

Trilogy Research Ltd (“Trilogy”, trading as “ShoppingServers”) is the controller of personal data processed through our websites, platforms, chatbot interfaces, and services. This Policy applies globally in compliance with UK GDPR, the Data Protection Act 2018, EU GDPR, and other applicable international data protection laws.

2. Our Role

We act as a controller when processing personal data for our own business purposes, such as through our website, chatbot, email, or marketing. When providing services to clients, we may also act as a processor under their instructions.

3. Data We Collect

We collect personal information including your name, business contact details, job title, and records of communications. For voice services and chatbot interactions, we may collect audio recordings, transcripts, chatbot conversation logs, call metadata such as time, duration, and numbers, and related technical data. We also use cookies and similar technologies to monitor website and chatbot usage and improve performance.

4. How We Use Your Data

We use personal data to provide and enhance our services, manage relationships, respond to enquiries, monitor quality, ensure security, and meet legal obligations. The legal bases for processing are performance of a contract, legitimate interests, legal requirements, and where required, your consent.

5. AI, Chatbots, and Call Recordings

Our services use conversational AI, including speech to text, chatbot processing, analysis, and voice generation, to facilitate interactions. Calls and chatbot sessions may be recorded or logged for quality, compliance, service delivery, and training, but only where permitted by law and subject to required consent. We do not make decisions with legal or similarly significant effects solely by automated means without safeguards and the option of human review.

6. Marketing and Consent

Where consent is required, such as for marketing calls, automated messages, or chatbot initiated communications, we will obtain it in advance. You can opt out of marketing communications at any time. We comply with the Privacy and Electronic Communications Regulations (PECR), EU ePrivacy rules, and the US Telephone Consumer Protection Act (TCPA).

7. Sharing Your Data

We may share data with trusted service providers such as hosting, telephony, chatbot platforms, analytics, and security vendors, as well as professional advisers and group entities. All recipients are bound by confidentiality and data protection obligations. We do not sell personal data.

8. International Transfers
If we transfer your data outside the UK or EEA, we apply safeguards such as the EU Standard Contractual Clauses and the UK International Data Transfer Addendum to ensure protection.

9. Security and Retention

We apply appropriate technical and organisational measures to protect personal data, including encryption and access controls. Data is retained only for as long as necessary to fulfil its purpose or as required by law. Call recordings, chatbot logs, and transcripts are retained only for service, training, or compliance needs and then securely deleted.

10. Your Rights and Contact

You have rights under data protection law, including the right to access, correct, delete, or restrict your data, to object to certain processing, and to request data portability or withdraw consent where processing is based on consent. To exercise your rights, please contact us. If you are in the UK, you may also contact the Information Commissioner’s Office (ICO). If you are in the EEA, you may contact your local supervisory authority.