Privacy Notice

Ankit AI

Data Controller: Shumoo Limited, United Kingdom

Website: ankitai.co.uk

Version: 1.0

Last Updated: 21st November 2025

1. Introduction

This Privacy Notice explains how Shumoo Limited (“we”, “us”, “our”) collects, uses and protects personal data when you use Ankit AI. Ankit AI is an online information tool designed to assist NHS GP teams with general administrative and practice-management queries. It is not designed to process patient data, confidential practice information or any special-category personal data.

By using the service, you consent to the processing of your data as described in this notice.

2. What Ankit AI Is Designed For

Ankit AI provides general, non-professional information about administrative aspects of general practice.

It is not intended to, and must not be used to, process:

  • Patient-identifiable data
  • Medical records or clinical information
  • Confidential staff or HR information
  • Safeguarding or complaint details
  • Financial or commercially sensitive practice information
  • Special-category personal data under Article 9 GDPR

If you enter such information contrary to warnings, you are responsible for that input.

3. Data We Collect

We collect only the data necessary to operate the service.

3.1 Data you enter

  • Non-identifiable text queries
  • General administrative questions

You must not enter personal, sensitive or confidential information.

3.2 Data collected automatically

When you use the website or the chat interface, we may automatically collect:

  • IP address
  • Browser type and device information
  • Session metadata
  • Cookie data (functional and analytics)

This is standard for web-based services and helps ensure security and performance.

4. How Your Data Is Used

We use data for:

  • Generating AI responses
  • Operating and maintaining the service
  • Monitoring performance and reliability
  • Improving the functionality and safety of the tool
  • Cookie-based analytics (non-identifiable)

We do not use your data for profiling, marketing or automated decision-making.

5. Legal Basis for Processing

The legal basis is user consent under Article 6(1)(a) UK GDPR.

Consent is obtained through:

  • Using the service
  • Accepting the disclaimer
  • Accepting cookies (where applicable)

You can withdraw consent by ceasing to use the tool or by submitting a data rights request.

6. Third-Party Processing

To operate the service, we use several GDPR-compliant third-party providers, such as:

  • A hosted AI chatbot platform
  • An AI model provider
  • A website hosting provider
  • A cookie/analytics provider

These processors handle data only to the extent required to run the service.

A full list of processors is available upon request.

7. Data Retention

  • Chat content may be temporarily retained by third-party processors for operational purposes.
  • Shumoo Limited does not keep long-term copies of chat inputs.
  • Technical logs and analytics cookies are retained according to the providers’ standard retention periods.
  • No user accounts are created.

Data retention is reviewed annually.

8. Data Sharing

We do not sell or transfer your data to third parties for marketing or commercial purposes.

Data is shared only with:

  • Third-party processors necessary for delivering the service
  • Regulators if legally required
  • Others only with your explicit consent

9. International Transfers

Some third-party processors may store or process data outside the UK.

Where this occurs, we ensure that appropriate safeguards are in place, such as:

  • Adequacy decisions
  • Standard contractual clauses
  • Equivalent protection measures

10. Your Rights

Under UK GDPR, you have the following rights:

  • Access to your personal data
  • Rectification of inaccurate data
  • Erasure (“right to be forgotten”)
  • Restriction of processing
  • Objection to processing
  • Data portability
  • Withdrawal of consent

To make a request, use the contact link on our website.

Requests may be forwarded to third-party processors where necessary.

11. How We Protect Your Data

We use a range of technical and organisational measures, including:

  • HTTPS encryption
  • Secure hosting
  • Access controls
  • Use of GDPR-compliant processors
  • Clear user warnings preventing entry of sensitive data
  • Regular reviews of privacy and security arrangements

12. Cookies

Ankit AI uses cookies for:

  • Site functionality
  • Security
  • Usage analytics

A full explanation of the cookies used can be found in our Cookie Policy.

You can manage preferences through the cookie banner.

13. Children’s Data

The service is intended for users aged 18 and over.

We do not knowingly process data from children.

14. Changes to This Privacy Notice

We may update this notice from time to time.

The latest version will always be available on our website.

Continued use of the service indicates acceptance of any changes.

15. Contact

For questions or data requests, please contact:

Shumoo Limited

United Kingdom

Use the contact form on our website.

Scroll to Top