Logicdialog Ltd — Master Agreement

This Master Agreement contains:

  • Terms & Conditions (the “Terms”)

  • Annex A – Data Processing Addendum (DPA) (summary; binding)

  • Annex B – Security Measures (summary; no implied certification)

  • Annex C – Sub‑processors & Change Notifications

  • Annex D – Optional Output Copyright Commitment (Add‑On; if offered)

  • Annex E – Service Level Agreement (SLA) (full text)

  • Annex F – Data Subject Access Request (DSAR) Policy (full text)

  • Annex G – Privacy Policy (full text)

TERMS & CONDITIONS

1. INTRODUCTION

1.1 These Terms and Conditions (“Terms”) govern the Services provided by Logicdialog Ltd (“Logicdialog”, “LD”, “we”, “us”), company no. 10899737, registered office Tramshed Tech, Pendyris Street, Cardiff, CF11 6BH.
1.2 These Terms, together with any Order Form/SOW, the Service Level Agreement (Annex E), the Privacy Policy (Annex G), the DSAR Policy (Annex F), and the Data Processing Addendum (Annex A) (and, where applicable, Annexes B–D), form the entire agreement with the Customer (“Customer”) and supersede prior proposals or agreements.
1.3 These Terms apply to paid and trial Services. By using the Services, Customer agrees to these Terms.

2. DEFINITIONS

Key terms (others defined in context):

  • Acceptable Use Policy (AUP): the use restrictions in clause 5.

  • AI/LLMs: large language models and generative AI used by or integrated with the Services.

  • Annexes: Annex A (DPA), Annex B (Security Measures), Annex C (Sub‑processors & Notice), Annex D (Output Copyright Commitment – optional), Annex E (SLA), Annex F (DSAR), Annex G (Privacy).

  • Auto‑Renewal: renewal per clause 18.2.

  • Beta Services: pre‑release or experimental features per clause 17.4.

  • Confidential Information: non‑public information disclosed by a party.

  • Customer Content/Data: all data, prompts, documents, and materials provided by or on behalf of Customer (including End‑User data).

  • End‑User: a user to whom Customer makes the Services available.

  • Order Form: Logicdialog ordering document specifying plan, term, and fees.

  • Output: AI‑generated or system‑generated content produced by the Services.

  • Personal Data: as defined by Data Protection Legislation.

  • Professional Services: implementation, integration, consulting, or custom work.

  • Security Incident: unauthorised access to Customer Personal Data leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, such data while processed by Logicdialog.

  • Services: Logicdialog’s platform, Software, APIs, and related services.

  • Sub‑processor: third party engaged by Logicdialog to process Personal Data.

3. ORDER OF PRECEDENCE

If there is any conflict or inconsistency, the following order applies: (1) Order Form/SOW; (2) DPA (Annex A); (3) SLA (Annex E); (4) these Terms; (5) Annexes B–D; (6) DSAR Policy (Annex F); (7) Privacy Policy (Annex G).

4. RIGHT OF USE

4.1 Licence. Subject to payment and compliance, Logicdialog grants a non‑exclusive, non‑transferable right to use the Services during the Subscription Term for Customer’s business purposes.

4.2 Restrictions. Customer shall not (and shall not permit others to): (a) reverse engineer, decompile, or attempt to derive source code (except to the extent permitted by law); (b) bypass technical/usage limits; (c) use the Services to build a competing service; (d) resell or sub‑license except as expressly permitted; (e) share access with unauthorised third parties.

4.3 Suspension. We may suspend accounts for material breach (including AUP violations) with prompt notice.

5. ACCEPTABLE USE (AUP)

Prohibited uses include:
(a) illegal, harmful, defamatory, infringing, or discriminatory content;
(b) attempts to exploit vulnerabilities or interfere with the Service;
(c) uploading Restricted Data (e.g., payment card data, highly sensitive biometric/genetic data, or other regulated data) unless expressly agreed in writing and covered by the DPA and additional controls;
(d) High‑Risk Use (e.g., nuclear, life‑support, aviation, emergency services dispatch, safety‑critical systems) without our prior written agreement and certified human oversight;
(e) generating/disseminating malware, spam, or content intended to mislead for harm;
(f) violating export/sanctions laws (see clause 21).

6. CUSTOMER OBLIGATIONS

6.1 Provide reasonable cooperation, accurate information, and appropriately skilled internal resources.

6.2 Ensure lawful basis for Customer Data; obtain required consents; provide accurate prompts and guardrails appropriate to use cases; maintain account security and access controls.

7. FEES, TAXES & PAYMENT

7.1 Fees are as stated in the Statement of Work/Order Form and are exclusive of VAT and applicable taxes. Customer is responsible for taxes (other than taxes on Logicdialog’s income).

7.2 Invoices are payable within 14 days. Late payments may incur 3% per month above Bank of England base rate and/or service suspension. Third party costs such as those incurred from STT/TTS providers are payable in advance.

7.3 Annual fee increases up to 10% with 30 days’ notice (multi‑year agreements price‑fixed during the committed term; adjustments apply at renewal).

7.4 Fees are non‑refundable except for Customer’s termination due to our uncured material breach or as expressly stated.

8. INTELLECTUAL PROPERTY & FEEDBACK

8.1 Service IP. Logicdialog and its licensors own all IP in the Services.
8.2 Customer Data/Content. Customer retains all rights in Customer Content/Data.
8.3 Output. As between the parties, and subject to applicable law and any third‑party rights, Customer owns the Outputs generated for Customer’s use. Customer is responsible for reviewing Outputs before reliance (see clause 11).
8.4 Usage Data. We may generate and use aggregated, de‑identified analytics about Service performance and usage to improve the Services.
8.5 Feedback. If Customer provides feedback, Customer grants Logicdialog a worldwide, perpetual, royalty‑free licence to use it in the Services (without attribution, unless agreed).

9. PROFESSIONAL SERVICES & DELIVERABLES

9.1 Ownership. Customer owns Customer‑Owned Deliverables expressly identified in an SOW. Logicdialog retains all background IP and reusable components; we grant Customer a perpetual, non‑exclusive, royalty‑free licence to use them solely with the Services.

9.2 Change Control. Material scope changes require a written change order.

10. CONFIDENTIALITY

10.1 Each party will protect the other’s Confidential Information using the same standard of care it applies to its own (and not less than reasonable care), use it only for Agreement purposes, and disclose it only to personnel/contractors under confidentiality obligations with a need to know.

10.2 Exclusions: information that is or becomes public (without breach), was independently developed, or received lawfully from a third party without duty of confidentiality.

10.3 Required disclosure (e.g., by law) permitted with prompt notice (where lawful).

11. USE OF AI & LARGE LANGUAGE MODELS (LLMs)

11.1 Contextual AI. The Services may use LLMs/generative AI and may be enhanced with Customer‑specific context (knowledge bases, documents, workflows, etc.).

11.2 Global No‑Training Commitment. Except where Customer opts in in writing, Logicdialog will not use Customer Data/Content to train any general‑purpose foundation models (including third‑party models) or Logicdialog’s general‑purpose models. We may process Customer Data to provide, secure, support, and troubleshoot the Customer’s configured instance and as permitted under the DPA.

11.3 Nature of Outputs. LLMs are probabilistic and may generate incomplete, inaccurate, outdated, or otherwise unsuitable content (“hallucinations”). Outputs are excluded from accuracy SLAs and must be reviewed before reliance for operational, legal, regulatory, or customer‑facing use.

11.4 Customer Responsibility. Customer is solely responsible for: (a) the accuracy and lawfulness of Customer Data; (b) oversight and review of Outputs; (c) implementing appropriate human‑in‑the‑loop controls where required by law or policy.

11.5 Optional Output Copyright Commitment. If offered in Customer’s jurisdiction and purchased, the optional coverage in Annex D may apply subject to prerequisites and exclusions stated therein.

12. THIRD‑PARTY SERVICES, INTEGRATIONS & SUB‑PROCESSORS

12.1 Integrations. The Services may integrate third‑party services (e.g., hosting, LLM providers). Third‑party terms may apply; Logicdialog is not liable for failures of third‑party services.

12.2 Sub‑processors. We may use Sub‑processors to process Personal Data (current list available on request or as notified). We will provide 30 days’ prior notice of new Sub‑processors and allow Customer to object on reasonable data‑protection grounds. If unresolved, parties will work in good faith on alternatives; failing that, Customer may terminate the affected Services with a pro‑rata refund of prepaid, unused fees.

13. SECURITY, AUDIT & BUSINESS CONTINUITY

13.1 Security Program (no implied certification). Logicdialog maintains an information security program aligned with ISO 27001 controls and the SOC 2 Trust Services Criteria (without implying certification), including encryption in transit and at rest, role‑based access control, vulnerability management, and secure development practices (see Annex B).

13.2 Business Continuity. We maintain documented disaster recovery and business continuity plans; details are available on request.

13.4 Data Residency & Keys. On request, and where technically and commercially available, we may provision processing in specific regions (e.g., UK/EU) and support customer‑managed keys (KMS/BYOK) for at‑rest encryption for eligible plans. Current availability will be confirmed in writing.

13.5 Security Incidents. We will notify Customer without undue delay and in any case within 72 hours after becoming aware of a Security Incident impacting Customer Personal Data, provide reasonable cooperation, and share information as it becomes available.

14. DATA PROTECTION & PRIVACY

14.1 Each party will comply with applicable Data Protection Legislation.

14.2 The DPA (Annex A) forms part of these Terms and governs our processing of Customer Personal Data, including international transfers (e.g., UK IDTA/UK Addendum to EU SCCs), assistance, return/deletion, and sub‑processor management.

14.3 DSARs are handled per our DSAR Policy (Annex F); contact data@logicdialog.ai.

14.4 We do not sell Personal Data.

15. SERVICE LEVELS

15.1 Uptime & Support. SLA commitments are as set out in the SLA (Annex E) (99.9% uptime target; service credits up to 25%; tiered response/resolution; Premium 24/7 Severity‑1 support).

15.2 Chronic SLA Failure. If monthly uptime is below the SLA threshold in four (4) months within any rolling six (6)‑month period, Customer may receive a pro‑rata refund of prepaid, unused fees.

15.3 Exclusions. AI‑generated Outputs are excluded from accuracy or quality SLAs. Beta Services are excluded from SLAs (see 17.4).

16. WARRANTIES & DISCLAIMERS

16.1 Mutual. Each party warrants it has authority to enter into the Agreement.

16.2 Services. Logicdialog warrants the Services will materially conform to Documentation and be provided with reasonable skill and care. Customer’s exclusive remedy for breach is re‑performance or, if not cured within a reasonable time, termination with pro‑rata refund for the affected Services.

16.3 Disclaimers. Except as expressly stated, the Services are provided “as is”. We disclaim implied warranties (merchantability, fitness for a particular purpose, non‑infringement) to the maximum extent permitted by law. Outputs are advisory and must be reviewed.

17. INDEMNITIES; BETA SERVICES

17.1 Customer Indemnity. Customer will defend and indemnify Logicdialog against claims arising from Customer Content, Customer’s unlawful use, or violation of the AUP/Agreement.

17.3 Optional Output Copyright Commitment. If offered and purchased, and the required safeguards are implemented, we will provide the coverage described in Annex D (subject to exclusions).

17.4 Beta Services. Beta/pre‑release features are provided “as is”, may be modified or withdrawn at any time, and are excluded from warranties and SLAs.

18. TERM, RENEWAL & TERMINATION

18.1 Term. The Subscription Term is as stated in the Order Form. Minimum initial term is 12 months unless agreed otherwise.

18.2 Auto‑Renewal. After the initial term, subscriptions renew for successive 12‑month periods unless either party gives 90 days’ written notice before expiry.

18.3 Termination for Cause. Either party may terminate for material breach not cured within 60 days of notice, or if the other party becomes insolvent/ceases trading.

18.4 Termination Assistance. On termination/expiry, we will provide commercially reasonable assistance for data export and transition for 30 days (Professional Services rates). Customer Data will be retained for 90 days then securely deleted (unless legally required otherwise).

18.5 Effect of Termination. All fees due and payable become immediately due. Clauses that by nature should survive (including 8, 9, 10, 11, 13–16, 17.2, 19–25 and Annex A) survive termination.

19. LIMITATION OF LIABILITY

19.1 Cap. Each party’s aggregate liability arising out of or related to the Agreement will not exceed the fees paid or payable by Customer in the twelve (12) months preceding the event giving rise to liability.

19.2 Super‑Caps & Carve‑Outs. The cap in 19.1 does not apply to: (i) a party’s indemnity obligations; (ii) breach of confidentiality; (iii) Customer’s payment obligations; or (iv) infringement/misappropriation of the other party’s IP. For (i)–(iv), the cap will be two (2) times the amount in 19.1. Nothing excludes or limits liability for death/personal injury, fraud, or where liability cannot be limited under law.

19.3 Exclusions. Neither party is liable for indirect, consequential, exemplary, special, or punitive damages, or loss of profits/revenue/goodwill, to the maximum extent permitted by law.

20. FORCE MAJEURE

Neither party is liable for failure or delay due to events beyond reasonable control (including cyberattacks, third‑party outages, acts of God, or government action).

21. EXPORT CONTROL & SANCTIONS

Customer represents and warrants it is not subject to sanctions and will not use the Services contrary to applicable export control or sanctions laws (including UK, EU, and US regimes). Customer will not permit access from embargoed jurisdictions without our prior written consent.

22. ANTI‑BRIBERY & MODERN SLAVERY

Each party will comply with applicable anti‑bribery and corruption laws (including the UK Bribery Act 2010) and modern slavery laws (including the Modern Slavery Act 2015).

23. ASSIGNMENT, SUBCONTRACTING & CHANGE OF CONTROL

Neither party may assign the Agreement without the other’s consent, except to an affiliate or in connection with a merger, reorganisation, or sale of all or substantially all assets (with notice). We may subcontract obligations, remaining responsible for subcontractors’ performance.

24. NOTICES

Notices must be in writing and delivered by email to the addresses on the Order Form (or updated in writing). Legal notices to Logicdialog: legal@logicdialog.ai (copy support@logicdialog.ai).

25. MISCELLANEOUS

25.1 Entire Agreement; No Waiver; Severability. This Agreement is the entire agreement; failure to enforce is not a waiver; if any term is unlawful, the remainder remains in effect.

25.2 Third‑Party Rights. No third party has rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term.

25.3 Independent Contractors. The parties are independent contractors.

25.4 Governing Law & Jurisdiction. The Agreement is governed by the laws of England and Wales; the courts of England and Wales have exclusive jurisdiction.

—-

Annex A — Data Processing Addendum (DPA)

A1. Roles & Scope. For Personal Data processed under the Agreement, Customer is Controller and Logicdialog is Processor (or sub‑processor where applicable). A list of processing activities appears in Schedule A1.
A2. Instructions. We will process Personal Data solely on documented instructions from Customer, including transfers to third countries.
A3. Confidentiality. Personnel are under confidentiality obligations.
A4. Security. We implement appropriate technical and organisational measures (see Annex B).
A5. Sub‑processors. Managed per clause 12 and Annex C (notice and objection).
A6. Assistance. We will assist with data subject requests, DPIAs, and consultations with supervisory authorities, considering the nature of processing.
A7. Security Incidents. Notification within 72 hours of becoming aware, with updates as information becomes available.
A8. International Transfers. Where applicable, the UK IDTA and/or UK Addendum to the EU SCCs (and EU SCCs, if relevant) apply; we will conduct transfer risk assessments as required by law.
A9. Return/Deletion. On termination/expiry or on request, we will delete or return Personal Data (except where retention is required by law).
A10. Audits. See clause 13.2.
A11. Customer Obligations. Customer will ensure lawful collection/use of Personal Data and accuracy of instructions.

Schedule A1 (Processing Details):

  • Data subjects: End‑users of Customer services; Customer personnel.

  • Categories of Personal Data: Contact details, interaction metadata; special category data only if expressly agreed in an SOW.

  • Purpose: Provision, operation, and support of the Services as configured by Customer.

  • Duration: Subscription Term plus up to 90 days for export/deletion.

  • Processing operations: storage, retrieval, transformation, AI‑assisted analysis, transmission to configured channels, support/troubleshooting.

Annex B — Security Measures (Summary; no implied certification)

  • Governance: risk management, policies, access reviews, supplier risk.

  • Access Control: SSO/MFA (where supported), least‑privilege RBAC, logging/monitoring.

  • Encryption: TLS for data in transit; industry‑standard encryption at rest.

  • Development Security: secure SDLC, code review, dependency scanning, secrets management.

  • Vulnerability & Patch Management: regular scanning and remediation; independent penetration testing conducted periodically; high‑level summaries may be shared where available under NDA.

  • Resilience: backups and redundancy with documented RPO/RTO objectives; DR/BCP testing at reasonable intervals.

  • Incident Response: written plan, on‑call for Severity‑1, customer communications.

  • Personnel: background checks where lawful; mandatory security training.

  • Customer Controls: admin settings, audit logs, content filters, rate limits, channel controls.

  • Data Residency & Keys: region options and BYOK/KMS support where technically and commercially available (confirmable in writing).

—-

Annex C — Sub‑processors & Change Notifications

Current sub‑processors may include:

  • Core infrastructure: Google Cloud, MongoDB, Squarespace

  • Optional LLM providers (enabled only if configured).

  • Marketing (compliant outreach): Leadify, Instantly.ai, Squarespace, Pipedrive

Notice & Objection: We will provide 30 days’ prior notice of new Sub‑processors. Customer may object on reasonable data‑protection grounds; if unresolved, we will work in good faith on alternatives. Failing that, Customer may terminate the affected Services with a pro‑rata refund of prepaid, unused fees.

A live or detailed list can be provided on request or via a notified URL.

——

Annex D — Optional Output Copyright Commitment (Add‑On; if offered)

If offered in Customer’s jurisdiction and purchased, and provided Customer implements required safeguards (e.g., content filters, protected‑works detection, prompt hygiene), Logicdialog will defend and indemnify Customer against third‑party copyright claims alleging that Outputs (as delivered) infringe such third‑party rights, and pay amounts finally awarded, subject to:
Exclusions: claims arising from Customer Content/prompts, Customer modifications, combination with non‑Service materials, use outside Documentation/AUP, or deliberate attempts to reproduce known copyrighted works.
Process: prompt written notice; sole control of defence; reasonable cooperation.
Cap: indemnity subject to the super‑cap in clause 19.2 of the Terms.

——

Annex E — Service Level Agreement (SLA) (Full Text)

Applies to: All Logicdialog Clients (Premium tier receives enhanced support)

1. Introduction

This Service Level Agreement (SLA) sets out the commitments Logicdialog makes to ensure the reliability, performance, and support of our AI‑driven conversational platform. We recognise the critical role we play in our customers’ operations and are committed to delivering exceptional service, responsive support, and continuous improvement.

2. Service Availability & Uptime Commitment

Logicdialog targets 99.9% uptime, measured on a rolling quarterly basis.

2.1 Uptime Calculation
Availability = (Total Minutes in Quarter − Downtime Minutes) ÷ Total Minutes in Quarter × 100.
Planned maintenance (with ≥24 hours’ notice) and force majeure events are excluded from downtime calculations.

2.2 Downtime Exclusions
Not considered downtime: scheduled maintenance (≥24h notice); issues caused by third‑party services (e.g., cloud hosting); failures due to incorrect client configurations; downtime resulting from security breaches or cyberattacks impacting the client; client‑side network failures.

2.3 Service Credits for Uptime Breaches
If uptime is breached, on request the following credits apply to the affected month:

  • 99.80%–99.89% → 1% credit

  • 99.50%–99.79% → 2.5% credit

  • 99.00%–99.49% → 5% credit

  • 98.00%–98.99% → 10% credit

  • <98.00% → 15% credit
    Cap: maximum credit per month is 15%. Credits do not apply if the client is in breach or has unpaid invoices.

3. Support & Incident Response

3.1 Support Channels

  • Self‑service AI chatbot (24/7)

  • In‑platform ticketing (all clients)

  • Email support (all clients)

  • Dedicated Slack (Premium only)

  • Phone for Severity‑1 (Premium only)

3.2 Response & Resolution Targets

  • Severity 1 (Critical) – platform down/core features inaccessible to all users

    • Standard: response ≤ 4h, resolution target 12–24h

    • Premium: response ≤ 1h, resolution target 12–24h (24/7 emergency)

  • Severity 2 (Major) – significant impact; platform operational

    • Standard: response ≤ 12h, resolution target 48h

    • Premium: response ≤ 4h, resolution target 48h

  • Severity 3 (Moderate) – partial impairment; workaround available

    • Standard: response ≤ 48h, resolution target 5 business days

    • Premium: response ≤ 24h, resolution target 5 business days

  • Severity 4 (Minor) – cosmetic/usability

    • Standard: response ≤ 5 business days, target next scheduled update

    • Premium: response ≤ 3 business days, target next scheduled update

Response time means acknowledgement, not resolution.

4. Escalation Process

If a ticket is not resolved within the target timeframe:

  1. Escalate via ticket/email → Support Manager.

  2. Premium: escalate to Technical Lead via dedicated Slack.

  3. Premium S1: phone escalation available.

5. Maintenance & Updates

Regular updates and security patches are released without disruption where possible. Scheduled maintenance is communicated at least 24 hours in advance. Emergency maintenance is only performed when necessary and communicated as soon as possible.

6. Security & Compliance

Logicdialog follows industry‑standard security practices, including:

  • Compliance with applicable GDPR obligations

  • Alignment with ISO 27001 certification

  • Encryption of data in transit and at rest

  • Role‑based access control (RBAC) for enterprise clients

7. SLA Exclusions & Limitations

This SLA does not apply where: the client is in breach; downtime <15 minutes; third‑party dependency failures (e.g., hosting provider); or free‑tier limitations. AI‑generated outputs are excluded from SLA accuracy commitments (see Terms clause 11).

8. SLA Review & Changes

Logicdialog may update this SLA; material changes will be notified with 30 days’ notice via platform notifications, and/or email

9. Contact & Support Details

  • Email: support@logicdialog.ai

  • Slack: Premium clients only

  • Phone: Premium clients only for Severity‑1 issues

10. Summary of Commitments

99.9% uptime; credits up to 15%; multi‑channel support; defined response/resolution times; 24/7 emergency for Premium S1; structured escalation; strong security posture; GDPR alignment.

——

Annex F — Data Subject Access Request (DSAR) Policy (Full Text)

1. Purpose

This policy outlines the procedures Logicdialog Ltd follows when responding to Data Subject Access Requests (DSARs), in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Scope

This policy applies to all employees, contractors, and third parties who process personal data on behalf of Logicdialog Ltd. It covers requests made by any individual whose personal data is held by the company, including customers, users, employees, and suppliers.

3. Key Definitions

  • Data Subject: An identified or identifiable individual whose personal data is processed.

  • Personal Data: Any information relating to a data subject.

  • Processing: Any operation performed on personal data (e.g., collection, storage, use, erasure).

  • DSAR: A request made by a data subject to access the personal data held about them.

4. Data Subject Rights

Under the UK GDPR, individuals have the right to:

  • Know whether we process their data

  • Access a copy of their personal data

  • Understand the purposes for which it is processed

  • Know the categories of data and recipients

  • Know how long we retain it

  • Request correction or deletion

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

5. Making a Request

Data subjects can make a DSAR by emailing data@logicdialog.ai, or submitting a request verbally (which will be documented). Written requests are encouraged to ensure clarity and avoid delays.

6. Verifying Identity

Before processing any DSAR, we will confirm the identity of the requester. Acceptable forms of ID may include:

  • A passport or driver’s licence

  • A recent utility bill or bank statement (within the last 3 months)
    If identity cannot be verified, we may delay or decline the request until sufficient ID is provided.

7. Timeframes

We will respond to all DSARs within one calendar month of receipt. If the request is complex or involves multiple data sources, we may extend this by a further two months, but will inform the requester of this extension and the reasons within the first month.

8. Information Disclosed

Where applicable, we will provide:

  • A copy of the personal data held

  • The purposes of processing

  • The categories of personal data

  • Any third‑party recipients

  • Retention periods

  • Information about the data subject’s rights

  • Details of the source of the data (if not collected from the subject)

9. Exemptions

We may withhold data if:

  • It contains personal data of other individuals (unless consent is provided or redaction is possible)

  • Disclosure could prejudice legal proceedings, investigations, or regulatory functions

  • It relates to management forecasting or negotiations

  • Legal professional privilege applies
    Where an exemption is applied, we will explain unless prohibited by law.

10. Fees

DSARs are processed free of charge. If a request is manifestly unfounded or excessive, we may charge a reasonable fee to cover administrative costs or refuse to comply (with explanation).

11. Record Keeping

All DSARs will be logged in our DSAR Register and retained for at least 3 years. The record will include: date of request, identity verification status, summary of request, response timeline, and final outcome.

12. Responsibilities

All staff must forward any DSAR to the DPO or responsible contact immediately upon receipt.
DPO Contact: Andy Feltham — please contact via data@logicdialog.ai (mark “For the DPO”).

13. Complaints

Raise concerns with us directly or lodge a complaint with the ICO: https://ico.org.uk

14. Review and Updates

This policy will be reviewed annually or upon significant change to data protection legislation or internal procedures.

——

Annex G — Privacy Policy (Full Text)

Introduction

This Privacy Policy (our “privacy notice” for GDPR) explains how Logicdialog handles and safeguards personal information, and the choices available to access and control personal information. It covers our website (www.logicdialog.ai and subdomains) and chatbot interactions, including newsletter sign‑ups, content downloads, and web forms.

Logicdialog is the data controller for website users’ personal data. Read this notice together with any other policy or fair processing notice we provide when collecting/processing personal information.

Our Principles

  • We inform you of the personal information collected and, where necessary, seek consent to collect/use/disclose it.

  • We identify purposes and collect only what is necessary.

  • We use/disclose personal information only for stated purposes (unless consented or required/permitted by law) and retain it only as long as necessary.

  • We seek to keep information accurate, complete, and up‑to‑date.

  • We safeguard personal information appropriately.

  • Our handling practices are as transparent as possible.

  • You can request export, correction, or deletion of your personal information, as appropriate.

  • We are accountable and welcome feedback on our compliance.

What data we collect

Chatbots

  • Conversational interactions (anonymised, not linkable to specific users unless details offered via form).

  • If a Customer Service Agent intervenes, we may collect: first name, last name, and (optionally) email address.

Website

  • Newsletter subscription: email address (and optional details for personalisation).

  • Content downloads: first/last name, email, company name/website, department, and company size to send requested materials and improve user experience.

  • Chatbot enquiry forms: first/last name, email, phone, company name/website, company size, and department to respond and understand your profile.

By requesting resources or information, we rely on legitimate interests to enrol you in relevant email nurturing about our services. You can unsubscribe at any time via the link in our emails or by replying ‘unsubscribe’. You may also request to opt‑out of calls by emailing support@logicdialog.ai.

Third‑Party Tools and Processors

We use third‑party tools, including MongoDB and Google Cloud, for data processing and storage, chosen for their adherence to data protection standards (see provider privacy policies on their websites).

We also use LLMs (including but not confined to OpenAI) as a configurable component of the Logicdialog platform (default off unless enabled by the customer). LLMs may be used to (i) summarise end‑user conversations; (ii) generate model training data for Customer’s configured models/processes; and (iii) generate answers to end‑user enquiries from predefined knowledge sources (e.g., websites, documents).

Third‑party links

Our website may include links to third‑party sites, plug‑ins, and apps. Clicking those may allow third parties to collect or share information about you. We do not control those sites or their privacy statements. Please review each site’s policy.

How we use data

As a data controller, we use your information to: verify identity; respond to service requests; detect/deter unauthorised or fraudulent use; improve/optimise the website; provide support and respond to enquiries; conduct user surveys; measure advertising effectiveness; send important notices; deliver promotions and purchases; produce aggregated anonymised statistics; and comply with laws/legal obligations.

Do we disclose data?

We do not sell personal data. We do not disclose website data to third parties except where required/permitted by law or to processors acting on our instructions under appropriate safeguards.

How we store data

Our website is hosted by Squarespace, which uses Amazon Web Services infrastructure.

Third‑Party Processors (Marketing)

From time to time we appoint digital marketing agents to conduct compliant marketing on our behalf. Our appointed processors include:

  • instantly.ai, leadify, squarespace

Your rights

See the DSAR Policy (Annex F) for how to exercise your rights, including access, correction, deletion, or objection. Contact data@logicdialog.ai.

Changes to this Policy

We may update this policy; the latest version will always be available on our website.

Contact us

For privacy questions or concerns, contact data@logicdialog.ai.

Global Compliance

We comply with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and, where applicable, the California Consumer Privacy Act (CCPA).

Contacts

  • Legal: legal@logicdialog.ai

  • Privacy/Data: data@logicdialog.ai

  • Support/SLA: support@logicdialog.ai