// Privacy Notice

ScaleLabs Privacy Notice

Last updated: May 17, 2026

ScaleLabs provides AI receptionist, AI call handling, missed-call recovery, call transcription, appointment booking, follow-up automation, and related services for home-service and trade businesses.

This Privacy Notice explains how we collect, use, store, and share personal data when you visit our website, contact us, become a client, interact with our services, or communicate with us.

Section 1

Who we are

ScaleLabs is currently operated by Demilade Bickersteth, trading as ScaleLabs. We intend to incorporate as ScaleLabs Ltd. Once incorporated, we will update this Privacy Notice with the company number and registered office.

Contact email: hello@scalelabs.studio

Website: scalelabs.studio

For the purposes of UK data protection law, ScaleLabs may act as a controller for personal data we use for our own business purposes, such as website enquiries, sales, billing, client administration, analytics, security, and marketing; and as a processor where we process caller, lead, appointment, or customer data on behalf of our business clients through our AI receptionist and missed-call recovery services.

Where we process caller or customer data on behalf of one of our clients, that client is normally the controller of that data.

Section 2

Personal data we collect

Website, enquiry, and sales data

  • name
  • business name
  • job title
  • email address
  • phone number
  • website URL
  • business type
  • location or service area
  • message content and enquiry details
  • meeting notes and sales communications
  • referral source, such as an agency partner or introducer

Client and account data

  • client contact details
  • billing details
  • plan, pricing, invoices, and payment status
  • onboarding information
  • business opening hours
  • service areas
  • call scripts, FAQs, booking rules, escalation rules, and CRM details
  • support messages and service requests

Service data processed for clients

When we provide services to a client, the service may process:

  • caller names, where provided
  • phone numbers
  • email addresses, where provided
  • service addresses or appointment locations, where provided
  • call recordings
  • call transcripts
  • call summaries
  • appointment booking information
  • customer requests and service details
  • messages, follow-ups, and CRM records

Technical and website data

  • IP address
  • browser type
  • device information
  • pages visited
  • time and date of visits
  • referral URLs
  • cookie and analytics information
  • security logs and diagnostics
Section 3

How we collect personal data

  • directly from you when you fill in a form, book a call, email us, call us, or become a client
  • from agency partners, referral partners, or introducers who refer your business to us
  • from our clients when they provide onboarding information or connect systems to our services
  • from callers, leads, and customers who interact with the AI receptionist or missed-call recovery service
  • from CRM, calendar, telephony, email, SMS, automation, analytics, and payment tools used to provide our services
  • automatically through website cookies, analytics, and security tools
Section 4

How we use personal data and our lawful bases

PurposeTypes of dataLawful basis
Responding to enquiries and booking sales callsName, business details, contact details, message contentLegitimate interests; steps before entering into a contract
Providing our services to clientsClient account data, onboarding data, service data, call dataContract; legitimate interests; where acting as processor, on client instructions
AI receptionist, missed-call recovery, call recording, transcription, and bookingCaller data, call recordings, transcripts, booking detailsWhere acting as processor, on client instructions; where acting as controller for our own records, legitimate interests
Billing, payment, accounting, and tax recordsClient details, invoice data, payment statusContract; legal obligation
Support, troubleshooting, service improvement, and securityAccount data, service logs, technical data, support messagesContract; legitimate interests; legal obligation where applicable
Website analytics and improvementTechnical data, cookie data, usage dataLegitimate interests; consent where required for non-essential cookies
Marketing to business contactsBusiness contact details, enquiry data, preferencesLegitimate interests or consent where required
Managing partner referrals and commissionsBusiness contact details, referral source, client statusLegitimate interests; contract
Legal compliance and dispute handlingRelevant account, billing, communications, and service recordsLegal obligation; legitimate interests

We do not sell personal data.

Section 5

Client and partner logos

Where a client or agency partner has agreed to it in our contract or in writing, we may use their business name, trading name, and logo on our website, pitch decks, proposals, and ordinary sales or marketing materials to identify them as a ScaleLabs client or partner.

We do not use client or partner logos to imply a testimonial, endorsement, case study, guarantee, or specific performance result unless that use has been separately approved.

Section 6

AI processing and call handling

Our services may use AI systems to answer calls, recover missed calls, summarise calls, transcribe calls, classify enquiries, assist with appointment booking, and generate follow-up messages.

AI outputs may be inaccurate, incomplete, or unexpected. Our clients remain responsible for reviewing their own business rules, call scripts, customer promises, appointment rules, pricing information, and service delivery.

We do not intentionally use client call recordings, transcripts, or caller personal data to train public AI models unless the relevant client has agreed to that use in writing or enabled a service feature that clearly permits it.

Section 7

Call recording and transcripts

Where our services are used by a client, calls may be recorded, transcribed, summarised, and processed by AI to provide missed-call recovery, AI receptionist, appointment booking, support, quality control, and service improvement features.

The relevant business client is normally responsible for telling its callers, customers, and staff that calls may be recorded, transcribed, or processed by AI, and for providing any required privacy notices or call recording notices.

Section 8

Marketing communications

We may contact business contacts about ScaleLabs services where we believe the services may be relevant to their business, where we have a lawful basis to do so, and where marketing rules allow it.

You can object to direct marketing at any time by emailing hello@scalelabs.studio. If you object, we will stop using your personal data for direct marketing and may keep limited details on a suppression list to make sure we do not contact you again for marketing.

Section 9

Who we share personal data with

We may share personal data with trusted third parties where necessary to operate our business and provide our services, including:

  • telephony providers
  • AI model providers
  • transcription providers
  • cloud hosting and database providers
  • CRM, calendar, and booking-system providers
  • automation, email, and SMS providers
  • analytics and security providers
  • payment processors and banks
  • professional advisers, including accountants, lawyers, insurers, and consultants
  • agency partners or referral partners where needed to manage a referral relationship
  • regulators, authorities, courts, or law enforcement where required by law

Current or expected service providers may include Twilio, OpenAI, Anthropic, Vapi, cloud hosting providers, database providers, automation providers, email providers, SMS providers, analytics providers, and payment processors used by ScaleLabs from time to time.

Section 10

International transfers

Some of our service providers may process personal data outside the UK. Where personal data is transferred outside the UK, we will use appropriate safeguards where required, such as an adequacy decision, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or another lawful transfer mechanism.

Section 11

How long we keep personal data

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Notice, including to provide services, maintain business records, comply with legal obligations, resolve disputes, prevent fraud, and enforce agreements.

Type of dataTypical retention period
Website enquiries and sales communicationsUp to 24 months after the last interaction, unless you become a client or ask us to delete it earlier
Client account and billing recordsDuring the client relationship and up to 6 years afterwards for accounting, tax, legal, and dispute purposes
Support messages and service communicationsUp to 24 months after the issue is resolved, unless needed longer for legal or service reasons
Call recordings, transcripts, and service data processed for clientsUsually up to 12 months unless the client instructs a different retention period or a longer period is needed for legal, security, or dispute reasons
Technical logs and security recordsUsually up to 12 months unless needed longer for security, fraud prevention, or legal reasons
Marketing suppression recordsAs long as needed to respect your objection or unsubscribe request

Where we process personal data as a processor for a client, retention may be governed by that client’s instructions and agreement with us.

Section 12

Your data protection rights

Depending on the circumstances and our lawful basis for processing, you may have the right to:

  • access your personal data
  • correct inaccurate personal data
  • request deletion of your personal data
  • restrict how we use your personal data
  • object to certain uses of your personal data
  • receive your personal data in a portable format
  • withdraw consent where processing is based on consent
  • complain to the UK Information Commissioner’s Office

You have an absolute right to object to direct marketing. You can do this by emailing hello@scalelabs.studio.

If your data was processed by ScaleLabs on behalf of one of our clients, we may need to refer your request to that client because they are normally the controller of the data.

Section 13

Cookies and analytics

Our website may use cookies and similar technologies to operate the site, understand how visitors use it, improve performance, remember preferences, and support marketing or analytics.

Where required, we will ask for consent before using non-essential cookies. You can also control cookies through your browser settings.

Section 14

Security

We use reasonable technical and organisational measures to protect personal data, including access controls, password protection, encryption in transit where supported, limited access permissions, and security reviews appropriate to our stage and risk level.

No system is completely secure, and we cannot guarantee that personal data will always be free from unauthorised access, loss, misuse, or disclosure.

Section 15

Children

Our website and services are intended for businesses and are not directed at children. We do not knowingly collect personal data from children through our website.

Section 16

Changes to this Privacy Notice

We may update this Privacy Notice from time to time. The latest version will be posted on our website with the updated date.

Section 17

Contact us

If you have questions about this Privacy Notice or how we handle personal data, contact:

ScaleLabs

Email: hello@scalelabs.studio

Website: scalelabs.studio

You also have the right to complain to the UK Information Commissioner’s Office at ico.org.uk.