Privacy Policy
Effective date: 3 September 2025
This Privacy Policy explains how Triple A Digital Limited (“Triple A Digital”, “we”, “us”, “our”) collects and processes personal data when you visit digitalaaa.com (the “Site”), contact us, or use our services (including our AI helpline/assistant, voice chat and managed automation platform).
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you are in the EEA, we also comply with the EU GDPR where it applies.
1) Who we are (Controller details)
- Controller: Triple A Digital Limited (company no. 10204375)
- Registered office: 3 Stanley Close, Greenhithe, England, DA9 9BG
- Website: https://digitalaaa.com/
- Phone: +44 20 4538 4828
- How to contact us about privacy: Use the contact form on our Site or write to our registered office (mark correspondence “Data Protection”).
We do not currently appoint a Data Protection Officer because we are not legally required to, but we take data protection seriously and will respond to requests promptly.
2) What we collect and why (purposes & legal bases)
We only collect what we need for specific purposes.
| Category | Examples | Purpose | Legal basis (UK GDPR Art. 6) |
|---|---|---|---|
| Contact & enquiry data | Name, company, email, phone, message provided via Site forms or phone | To respond, provide quotes, schedule calls, and manage relationships | Legitimate interests (to answer/manage enquiries); pre-contract steps at your request (Art. 6(1)(b)) when discussing a potential contract. |
| Sales/quotation inputs | Project details needed to prepare tailored quotes | To generate and send quotations and related documents | Contract / pre-contract (Art. 6(1)(b)); legitimate interests (efficient delivery of requested information). |
| Marketing list (opt-in) | Email address for guides, resources, updates | To send emails you’ve signed up for; you may unsubscribe anytime | Consent (Art. 6(1)(a)). |
| AI assistant/voice interactions | Audio/text content of conversations, transcripts, technical queries | To operate our AI helpline/assistant, route enquiries, improve reliability and security | Legitimate interests (deliver and improve the requested interaction); contract where we provide the service you ask for. We do not make solely automated decisions with legal/similarly significant effects. |
| Account/admin data (if applicable) | Login, role, preferences (for managed clients) | To provide and secure our managed platform | Contract; legitimate interests (security/administration). |
| Cookies & similar tech | Device identifiers, preference cookies; analytics/embedded media (if you accept) | To run the Site, remember choices, measure performance, and show embedded media | Strictly necessary: legitimate interests; analytics/marketing/embedded media: consent. |
| System logs & security | IP address, user agent, event logs | To secure the Site, detect abuse, comply with law | Legitimate interests (security), legal obligation where applicable. |
Special category data: we do not intentionally collect this via the Site.
If you choose not to provide information we need to respond to you or perform a contract, we may be unable to provide the requested services.
3) Where your data comes from
- Directly from you (forms, calls, emails, AI assistant/voice interactions).
- Automatically from your device when you browse (e.g., logs, strictly necessary cookies).
- For managed client services, we may receive limited data from our clients (see Controller/Processor roles).
4) Cookies & similar technologies
Our Site uses cookies. Some are necessary to make the Site work. Others (e.g., analytics or embedded media) are used only if you consent.
Strictly necessary (set without consent):
- WordPress/session & preference cookies (e.g.,
wordpress_logged_in_*,wp-settings-*,wp-settings-time-*, temporary login test cookie).
Optional (require consent before setting):
- Analytics (if enabled in future).
- Embedded media such as YouTube videos (playing/visiting YouTube may set third-party cookies).
You can manage cookies in your browser at any time and withdraw consent for optional cookies at any time (future use only).
We aim to keep processing in UK/EU locations and follow privacy-first practices.
5) Controller vs. Processor roles
- Visitors & prospects: For data collected via the Site, phone and our AI assistant, Triple A Digital is the controller.
- Managed client platforms: When we run automation/AI environments for our business clients, we generally act as a processor and process personal data on our client’s instructions under a Data Processing Agreement (DPA). End users of our clients should contact the relevant client (controller).
6) Sharing your data (recipients)
We share personal data only with:
- Service providers (processors) that help us run the Site and our services, under contracts that protect your data. Typical categories include: hosting and infrastructure, email delivery, CRM, voice/telephony, calendar scheduling, analytics (if enabled), security & backups.
- Embedded/linked services you choose to use, e.g., playing an embedded video or using a scheduling link may involve that provider receiving data.
- Professional advisers and authorities where required by law.
We do not sell your personal data.
7) International transfers
By default, our platform and knowledge base are operated with UK/EU data residency. Where data is transferred outside the UK/EEA (for example, to a provider in another country), we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) and/or EU Standard Contractual Clauses (SCCs) and implement supplementary measures where needed.
8) How long we keep data (retention)
- Enquiries & routine correspondence: up to 24 months after last meaningful contact.
- Quotes, contracts, and transactional records: up to 6 years (statutory limitation).
- Marketing list (opt-in): until you unsubscribe or after 24 months of inactivity.
- AI assistant/voice transcripts (where used): for the minimum period required to deliver the service and quality assurance, normally up to 12 months, unless a longer period is necessary for a specific incident or to comply with law.
- System/security logs: typically up to 12 months, unless needed longer for investigations.
9) Your rights
You have the following rights (subject to conditions and exemptions in data protection law):
- Access to your personal data
- Rectification of inaccurate data
- Erasure (right to be forgotten)
- Restriction of processing
- Data portability
- Object to processing based on legitimate interests or to direct marketing
- Not to be subject to a decision based solely on automated processing that has legal or similarly significant effects (we do not carry out such decisions for Site visitors).
How to exercise your rights: contact us via the Site contact form or by post to our registered office (see Section 1). We may need to verify your identity.
If you’re unhappy with our response, you can complain to the UK Information Commissioner’s Office (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF — https://ico.org.uk/.
10) Children
Our Site and services are intended for business users and are not directed to children. We do not knowingly collect personal data from children.
11) Security
We apply appropriate technical and organisational measures, including encryption in transit/at rest, role-based access, isolated environments, daily backups and monitoring. We operate formal incident response processes and will notify authorities and affected individuals where legally required.
12) Third-party links & embedded content
Our Site may include links or embedded content from third parties (e.g., video platforms). Those services operate under their own privacy policies and may set cookies when you interact with them.
13) Changes to this Policy
We may update this Policy from time to time. The updated version will be posted on this page with a new effective date.
14) UK representative / EU representative
At present we are established in the UK and do not require an EU representative. If that changes, we will update this section.
15) Contact
- Controller: Triple A Digital Limited (10204375)
- Address: 3 Stanley Close, Greenhithe, England, DA9 9BG
- Phone: +44 20 4538 4828
- Web contact form: available on https://digitalaaa.com/