Privacy Policy
Last updated 2026-06-15
This Privacy Policy explains how Cloudy Group Ltd (trading as CloudyIT), company number 04997628, registered in England & Wales (“CloudyIT”, “we”), handles personal data as a controller in connection with the GovRedact platform — for example the personal data of the staff who use GovRedact, and people who contact us. Personal data that we process on behalf of a customer authority (the content of SAR/FOI cases) is covered instead by our Data Processing Agreement, where the authority is the controller and we are the processor.
1. Who we are
CloudyIT is the controller for the personal data described in this policy. For data protection queries contact our data protection team at dpo@cloudyit.co.uk.
2. The personal data we collect
- Account & usage data: name, work email, organisation, role, sign-in events, audit logs and activity within the platform.
- Authentication data: identifiers from your Microsoft Entra ID tenant (such as your tenant ID and subject identifier) used to sign you in.
- Support & enquiry data: information you provide when you contact us or submit an enquiry.
- Billing data: billing contact details and transaction records. Card details are handled by Stripe and are not stored by us.
- Technical data: IP address, device/browser information and diagnostic logs needed to operate and secure the service.
Case content (the documents and personal data inside SAR/FOI cases) is Customer Data processed under the DPA, not under this policy.
3. How and why we use it (lawful bases)
- To provide the service (performance of our contract with your organisation): authentication, access control, delivering features and support.
- Security, audit and abuse prevention (legitimate interests / legal obligation): logging, monitoring, malware scanning and maintaining an immutable audit trail.
- Billing and administration (contract / legitimate interests).
- Responding to enquiries (legitimate interests).
- Legal compliance (legal obligation), e.g. responding to lawful requests.
4. AI processing
GovRedact uses Anthropic's Claude models to generate redaction proposals. Content sent for AI processing is used only to return a result to you; it is not used to train third-party models. AI output is decision support only and is always subject to human review.
5. Sharing and sub-processors
We share personal data only with service providers who help us run GovRedact, under appropriate contracts. Our key providers include Microsoft (Azure hosting, storage, database, messaging and transactional email in the UK), Anthropic (AI redaction) and Stripe (payments). A current list of sub-processors used for Customer Data is maintained in the DPA. We do not sell personal data.
6. Where we store data
Platform data is hosted in Microsoft Azure UK South and UK West. Where any processing involves a transfer outside the UK (for example certain AI processing), we put appropriate safeguards in place, such as the UK International Data Transfer Agreement or equivalent.
7. Retention
We keep account, audit and billing records for as long as your organisation uses GovRedact and for the period afterwards required to meet legal, security and accounting obligations. Customer Data retention is controlled by your organisation under the DPA.
8. Your rights
Subject to the UK GDPR, you have rights to access, rectify, erase, restrict and object to the processing of your personal data, and to data portability. To exercise these rights for data we hold as a controller, contact dpo@cloudyit.co.uk. If your request relates to case content, please contact the relevant authority, who is the controller for that data.
9. Cookies
GovRedact uses a small number of strictly necessary cookies. See our Cookie Policy.
10. Complaints
You can complain to the Information Commissioner's Office (ICO) at ico.org.uk, though we'd appreciate the chance to resolve matters first.
11. Changes
We may update this policy from time to time; the “last updated” date at the top reflects the latest version.