Privacy Policy – D-Ready

Version 1.0

Effective Date: 30 April 2026

Last Updated: 30 April 2026

Data Controller

D-Ready | Digital Readiness & Intelligent Systems Ltd.

12 Infinity View, Stockton-on-Tees, United Kingdom, TS18 2FN

Email: info@d-ready.co.uk

Website: www.d-ready.co.uk

1. Introduction

D-Ready | Digital Readiness & Intelligent Systems Ltd. (“D-Ready”, “we”, “us”, or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share information about you when you visit or interact with any of our websites, products, or services.

This policy covers all of the following D-Ready digital properties:

www.d-ready.co.uk (main company website)
www.raidot.ai (AI risk assessment and governance platform)
www.aiquaboost.com (aquaculture AI system)
cadence.raidot.ai and agenticcadence.ai (agentic AI platform)
Any other subdomains or services operated by D-Ready

Please read this policy carefully. By using any of our websites or services, you confirm that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of our services.

2. Who We Are (Data Controller)

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the data controller is:

Company: D-Ready | Digital Readiness & Intelligent Systems Ltd.

Address: 12 Infinity View, Stockton-on-Tees, United Kingdom, TS18 2FN

Email: info@d-ready.co.uk

Website: www.d-ready.co.uk

If you have any questions or concerns about how we handle your personal data, please contact us using the details above. You can also contact the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO), at www.ico.org.uk.

3. What Personal Data We Collect

3.1 Information You Provide Directly

We collect personal data you provide when you:

Fill in a contact, enquiry, or demo request form
Subscribe to our newsletter or mailing list
Register for an account on any of our platforms (e.g. platform.raidot.ai)
Apply for a job or submit a CV through our website
Attend or register for an event, webinar, or training session
Correspond with us by email, phone, or other means

The types of data collected in these instances may include: full name, email address, telephone number, job title, company name, and the content of your communications with us.

3.2 Information Collected Automatically

When you visit our websites, our service providers and we may automatically collect certain technical and usage data, including:

IP address and approximate location
Browser type and version, operating system, and device type
Pages visited, time spent on pages, and links clicked
Referring to the website or source
Cookies and similar tracking technologies (see Section 8)

3.3 Information from Third Parties

We may receive information about you from third parties such as business partners, publicly available sources (e.g. LinkedIn), or analytics providers, where this is consistent with applicable law and your expectations.

3.4 Special Category Data

We do not intentionally collect special category data (e.g. health data, biometric data, or political opinions) through our websites. If such data is provided in correspondence or through a specific service arrangement, it will be handled with additional safeguards, and your explicit consent will be sought.

4. How We Use Your Personal Data

We use your personal data for the following purposes and on the following legal bases under UK GDPR:

4.1 To Provide Our Services (Contractual Necessity)

Processing enquiries and responding to your requests
Managing accounts on our platforms (RaiDOT, Cadence, AIquaBoost)
Delivering training programmes, workshops, and certifications
Fulfilling consulting or research engagements

4.2 Legitimate Interests

Improving and developing our products and services
Analysing website usage to enhance user experience
Detecting and preventing fraud, security threats, or misuse
Sending relevant B2B marketing communications to existing contacts or prospects (you may opt out at any time)
Managing our business operations and maintaining records

4.3 Compliance with Legal Obligations

Complying with applicable laws and regulations
Responding to lawful requests from regulatory or law enforcement authorities
Maintaining records required by UK company law or tax legislation

4.4 Consent

Sending marketing emails or newsletters where you have opted in
Placing non-essential cookies on your device (see Section 8)

Where we rely on consent, you may withdraw it at any time by contacting us or using the unsubscribe link in any marketing communication.

5. Who We Share Your Data With

We do not sell your personal data. We may share it with:

5.1 Service Providers

Trusted third-party providers who process data on our behalf, including cloud hosting providers, email marketing platforms, CRM systems, analytics providers, and payment processors. These providers are contractually bound to protect your data and process it only on our instructions.

5.2 Research and Academic Partners

Where relevant to Innovate UK-funded projects (such as RaiDOT or AIquaBoost), we may share data with partner universities (e.g. Teesside University) and industry collaborators, subject to appropriate data sharing agreements.

5.3 Legal and Regulatory Requirements

We may disclose your data where required by law, court order, or government authority, or to protect the rights, property, or safety of D-Ready, our clients, or others.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, your personal data may be transferred to the successor entity. We will notify you of any such change.

6. International Data Transfers

We primarily process and store your data within the UK and the European Economic Area (EEA). Where data is transferred to countries outside the UK or EEA, we ensure that appropriate safeguards are in place in accordance with UK GDPR, such as:

Standard Contractual Clauses (SCCs) approved by the ICO
Adequacy decisions by the UK Secretary of State
Other lawful transfer mechanisms as applicable

You may request further information about specific transfer mechanisms by contacting privacy@d-ready.co.uk.

7. How Long We Keep Your Data

We retain personal data only for as long as is necessary for the purpose for which it was collected, or as required by law. Our general retention periods are:

Contact/enquiry records: 3 years from last interaction

Contract and service records: 7 years from contract end (legal/tax requirements)

Platform account data: For the duration of the account plus 2 years after closure

Marketing consent records: Until consent is withdrawn, plus 1 year

Website analytics data: Up to 26 months (anonymised after 14 months)

Job application data: 6 months from decision (or longer with consent)

When data is no longer required, it is securely deleted or anonymised.

8. Cookies and Tracking Technologies

Our websites use cookies and similar technologies to improve your experience and to analyse how our sites are used. Cookies are small text files placed on your device.

8.1 Types of Cookies We Use

Essential cookies — Necessary for the website to function. Cannot be disabled.
Analytics cookies — Help us understand how visitors use our sites (e.g. Google Analytics). Used only with your consent.
Preference cookies — Remember your settings and choices.
Marketing cookies — Used to deliver relevant content and measure campaign effectiveness. Used only with your consent.

8.2 Managing Cookies

When you first visit our websites, you will be presented with a cookie consent banner. You can accept, reject, or customise your cookie preferences at any time. You may also control cookies through your browser settings — please note that disabling certain cookies may affect site functionality.

For more information about cookies and how to manage them, visit www.allaboutcookies.org or the ICO’s guidance at ico.org.uk.

9. Your Data Protection Rights

Under UK GDPR, you have the following rights in relation to your personal data:

Right of access — You may request a copy of the personal data we hold about you (a Subject Access Request).
Right to rectification — You may ask us to correct inaccurate or incomplete data.
Right to erasure — You may request deletion of your data in certain circumstances (the ‘right to be forgotten’).
Right to restriction — You may ask us to restrict processing of your data in certain circumstances.
Right to data portability — You may request a copy of your data in a structured, machine-readable format.
Right to object — You may object to processing based on legitimate interests or for direct marketing at any time.
Rights related to automated decision-making — You have the right not to be subject to decisions made solely by automated means where they have a significant effect on you.

To exercise any of these rights, please contact us at privacy@d-ready.co.uk. We will respond within one calendar month. We may need to verify your identity before processing your request.

If you are not satisfied with how we have handled your request, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.

10. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure. These include:

Encrypted data transmission (TLS/HTTPS) across all our websites and platforms
Access controls and authentication requirements for internal systems
Regular security assessments and vulnerability management
Staff training on data protection and information security
Data minimisation — we only collect and retain what is necessary

While we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. If you believe your data has been compromised, please contact us immediately at info@d-ready.co.uk.

11. Third-Party Websites and Links

Our websites may contain links to third-party websites, partner platforms, or embedded content (e.g. YouTube videos). This Privacy Policy does not apply to those third-party sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.

12. Children’s Privacy

Our websites and services are directed at business users and are not intended for children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it.

13. AI Systems and Automated Processing

D-Ready develops and operates AI-powered products and services. Where our AI systems process personal data (for example, during AI risk assessments through the RaiDOT platform), we ensure this processing is conducted in accordance with UK GDPR, our responsible AI principles, and applicable sector regulations.

We do not use personal data to train our AI models without your explicit consent. Where AI is used to assist in decision-making processes that affect individuals, we maintain human oversight and provide mechanisms to contest automated decisions.

Our AI governance practices are guided by the EU AI Act, ISO 42001, and our internal Responsible AI framework. For more information, please visit www.raidot.ai.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make significant changes, we will notify you by posting an updated policy on our websites with a new effective date. For material changes, we may also notify you directly by email where we hold your contact details.

We encourage you to review this policy periodically. Your continued use of our websites or services after any changes constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

Data Protection Enquiries: info@d-ready.co.uk

General Enquiries: info@d-ready.co.uk

Post: D-Ready Ltd., 12 Infinity View, Stockton-on-Tees, United Kingdom, TS18 2FN

Website: www.d-ready.co.uk/contact

To submit a complaint to the UK’s supervisory authority:

Information Commissioner’s Office (ICO): www.ico.org.uk | 0303 123 1113

This document is effective as of 30 April 2026 and supersedes all previous versions.