Data Protection Impact Assessment (DPIA)

Ankit AI

Assessment Date: 21st November 2025 (updated version)

Version: 2.1

Data Controller: Shumoo Limited, United Kingdom

Service Name: Ankit AI

Websites: ankitai.co.uk | ankitkant.com

1. Introduction

This Data Protection Impact Assessment evaluates the data protection implications of Ankit AI, an online AI-based information tool designed to support NHS GP teams with general administrative and practice-management queries.

The tool is designed not to process patient data, confidential practice information, health data or any special-category personal data.

2. Purpose and Scope

2.1 Purpose of Processing

Ankit AI provides broad, non-specialist information related to GP practice administration. Responses are generated using an AI model based on patterns in publicly available information.

2.2 Scope of This DPIA

This DPIA covers:

  • User-entered text (non-sensitive, non-identifiable)
  • Automatically collected technical data (IP address, device info, cookies)
  • Processing by third-party service providers
  • Data security, storage and retention
  • Risk assessment and mitigation

This DPIA does not cover any processing of clinical data, safeguarding data, HR data or other special-category data, as these inputs are strictly prohibited.

3. Description of Processing

3.1 Nature of Data Processed

Permitted Data

  • General administrative queries
  • Non-identifiable text relating to NHS contracts or practice management
  • High-level queries requiring no personal or sensitive information

Automatically Collected Data

  • IP address
  • Browser and device type
  • Session metadata
  • Cookie data (functional and analytics)

Prohibited Data

The system is not designed to process and does not intentionally process:

  • Patient-identifiable data
  • Medical or clinical information
  • Confidential practice information (HR, staff issues, safeguarding, complaints, finance)
  • Special-category personal data under Article 9 UK GDPR
  • Information governed by the NHS DSP Toolkit

Users are clearly warned not to enter such information.

3.2 Purpose of Processing

  • To generate general, non-professional administrative guidance
  • To operate the AI interface
  • To maintain service functionality and system reliability
  • To support usage analytics (non-identifiable, cookie-based)

3.3 Third-Party Processors (Not Named)

Ankit AI uses GDPR-compliant processors for:

  • AI chatbot interface, session handling and temporary chat processing
  • AI model processing
  • Website hosting
  • Cookie consent and basic analytics

A full list of processors is available on request.

All processors operate under GDPR-compliant agreements.

3.4 Data Retention

  • Chat content may be temporarily retained by third-party processors for operational purposes
  • Shumoo Limited does not retain long-term copies of chat inputs
  • Technical logs and analytics cookies are retained according to provider policies
  • No user accounts are created
  • Retention periods are reviewed annually

4. Consultation Process

Consultation was carried out with:

  • Shumoo Limited (Data Controller)
  • Technical implementers
  • External GDPR and NHS data governance advisors

Given the minimal nature of processing and the prohibition of sensitive data, direct consultation with data subjects was not required.

5. Necessity and Proportionality

5.1 Legal Basis

Processing is based on user consent under Article 6(1)(a) UK GDPR.

Consent is obtained via:

  • Use of the service
  • Acceptance of the Disclaimer
  • Cookie consent banner

5.2 Data Minimisation

  • Users are instructed not to enter personal or sensitive data
  • The system collects only what is essential for functionality
  • No profiling or automated decision-making is performed

5.3 Proportionality

Only minimal, non-sensitive data is required.

No excessive or unnecessary processing takes place.

6. Risk Assessment

6.1 Key Risks

User enters prohibited data

  • Potential data breach or regulatory issue

Third-party processing

  • Risk of unauthorised access or loss outside Shumoo Limited infrastructure

Misinterpretation of AI outputs

  • Risk of treating general information as professional advice

Network or firewall interference

  • NHS network blocks or firewalls could disrupt access

6.2 Mitigation Measures

  • Explicit disclaimers prohibiting personal or sensitive data
  • Prominent warnings in the chatbot input area
  • Privacy-focused design (no accounts, no identifiers)
  • HTTPS encryption and secure hosting
  • GDPR-compliant processors only
  • Temporary retention only
  • Regular review of processor terms
  • Outputs framed as general, non-professional information
  • Residual risk assessed as low

7. Data Subject Rights

Users have the right to:

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Objection
  • Portability
  • Withdraw consent

Requests will be handled directly or passed to the relevant third-party processor when needed.

8. Accountability and Governance

Shumoo Limited maintains:

  • A full Privacy Policy
  • An explicit Disclaimer
  • A Cookie Policy
  • An annual DPIA review
  • Oversight of processor compliance
  • Incident response procedures

Shumoo Limited is responsible for ensuring GDPR compliance.

9. Review and Monitoring

  • DPIA reviewed annually or when service changes
  • Ongoing monitoring of system behaviour
  • Regular review of processor privacy terms
  • Procedures in place to handle accidental entry of prohibited data

10. Approval and Sign-off

Approved by:

Ankit Kant

Scroll to Top