Privacy Policy
Last updated: 1 March 2026
1. Introduction
Sidekick ("we", "our", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our AI office management platform and related services (the "Service"). By using the Service, you agree to the practices described in this policy.
Sidekick is operated in the United Kingdom. We act both as a data controller for our direct users and as a data processor for data handled on behalf of our users' customers.
2. Information We Collect
Account information: When you sign up, we collect your name, email address, phone number, business name, and billing information.
Business data: Information you provide about your customers, jobs, quotes, invoices, and schedules. This data is stored securely and used solely to provide the Service.
Communication data: Call recordings, transcripts, WhatsApp messages, and SMS messages processed through the Service. These are used to provide AI-powered responses and are stored in encrypted form.
Usage data: Information about how you interact with the Service, including pages visited, features used, device information, IP address, and browser type.
Cookies and tracking: We use essential cookies for authentication and preferences. We use analytics cookies (which you can opt out of) to understand how the Service is used.
3. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the Service
- Process AI-powered call answering, scheduling, quoting, and invoicing
- Send transactional communications (confirmations, invoices, alerts)
- Provide customer support
- Analyse usage patterns to improve the product
- Comply with legal obligations
- Detect and prevent fraud or abuse
We do not sell your personal data to third parties. We do not use your business data to train AI models without your explicit consent.
4. Cookies
Essential cookies: Required for the Service to function (authentication, session management). These cannot be disabled.
Analytics cookies: Help us understand usage patterns. You can opt out of these via your browser settings or our cookie consent banner.
We do not use advertising cookies or share cookie data with ad networks.
5. Third-Party Services
We use the following third-party services to operate Sidekick:
- Cloud hosting: Our infrastructure is hosted on secure, UK/EU-based cloud servers with ISO 27001 certification.
- Payment processing: Payments are handled by Stripe. We never store your full card details.
- Communication providers: We use telephony and messaging APIs to handle calls and messages on your behalf.
- AI processing: Calls and messages are processed using large language models. Data is transmitted securely and not retained by AI providers beyond processing.
- Analytics: We use privacy-focused analytics to understand product usage.
6. Data Security
We implement industry-standard security measures, including encryption in transit (TLS 1.3) and at rest (AES-256), access controls, regular security audits, and secure development practices. We conduct regular penetration testing and maintain an incident response plan.
7. Data Retention
We retain your account data for as long as your account is active. Business data (customers, jobs, invoices) is retained for the duration of your subscription plus 90 days after cancellation to allow for reactivation. Call recordings are retained for 12 months unless you request earlier deletion. You can export all your data at any time.
8. Your Rights (GDPR)
Under UK GDPR and the Data Protection Act 2018, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate personal data
- Erasure: Request deletion of your personal data
- Restriction: Restrict processing of your data
- Portability: Receive your data in a machine-readable format
- Objection: Object to processing based on legitimate interests
- Withdraw consent: Where processing is based on consent
To exercise any of these rights, email us at privacy@getmysidekick.com. We will respond within 30 days.
9. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Continued use after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Email: privacy@getmysidekick.com
Address: Sidekick AI Ltd, United Kingdom