Privacy Policy

1. Who We Are

Majormatic Ltd ("Majormatic", "we", "us", "our") is the data controller responsible for personal data processed through the Majormatic platform and website.

We operate the static public website at www.majormatic.com and the application platform at majormatic.com.

If you have questions about how we handle your data, please contact us at [email protected] or visit our contact page.

2. Data We Collect

Account Data

When you register for an account, we collect:

Name and email address
Organisation name and workspace identifiers (where provided)
Password (stored in hashed form; we do not store plaintext passwords)
Authentication metadata (login timestamps, session identifiers)

Billing Data

When you add funds or make payments, we collect:

Wallet top-up records and transaction history
Invoices and receipts associated with your account
Payment processor tokens provided by our payment provider (we do not store card numbers directly)

Run Data

When you use the platform to run apps, we collect:

App selections and execution inputs (form fields submitted for processing)
Execution outputs and acknowledgement records
Execution metadata (run IDs, timestamps, completion status)
Audit log entries (required for governance and compliance traceability)

Uploaded Documents

Documents you upload for processing are stored temporarily to enable execution. These are scoped to your account and are not shared with other users. Retention of uploaded documents follows the policy described in Section 6.

Technical and Security Logs

We automatically collect certain technical information, kept separate from content data where feasible:

IP address and approximate location
Browser type and version
Device type and operating system
Referring URLs and session identifiers
Security and access logs

Communication Data

If you contact us, we collect:

Contact form submissions and email correspondence
Support ticket content and history

AI Processing

Execution inputs are submitted to external AI model providers as part of delivering the service. These providers act as processors and are bound by data processing agreements. We do not use your private content to train public AI models. AI-generated outputs are structured and validated by the platform before being presented to you.

Outputs as Drafts

Outputs are treated as drafts and may require human review and acknowledgement before they are relied upon in professional contexts. Majormatic is designed to support structured, validated, and auditable execution — not to replace professional judgement.

3. How We Use Your Data

Providing the Service

Processing executions, delivering outputs, maintaining your account

Governance & Audit

Maintaining tamper-evident audit records as required by our governance model

Billing

Processing wallet top-ups, pay-per-run charges, and issuing invoices and receipts

Support

Responding to support requests and resolving technical issues

Security

Detecting abuse, preventing fraud, and protecting the platform

Improvement

Analysing usage patterns to improve platform performance and quality

Legal Obligations

Complying with applicable laws and responding to lawful requests

Communications

Sending service updates, security notices, and (with consent) product news

4. Legal Basis for Processing

We process personal data under the following legal bases:

Contract Performance

Processing necessary to provide the services described in our Terms of Service.

Legitimate Interests

Improving the platform, detecting abuse, and ensuring security, where these interests are not overridden by your rights.

Legal Obligation

Processing required to comply with applicable laws, including audit record retention.

Consent

For optional marketing communications, where we will ask for your explicit consent.

5. Sharing Your Data

We do not sell your personal data. We share data only in the following circumstances:

Service Providers: We use third-party providers for hosting, payments, and support tools. These providers are bound by data processing agreements.
AI Model Providers: Execution inputs are processed by AI model providers to deliver outputs. These relationships are governed by data processing agreements.
Legal Requirements: We may disclose data in response to lawful requests from authorities, subject to applicable legal standards.
Business Transfers: In the event of a merger or acquisition, data may be transferred as part of the transaction. You will be notified if this occurs.

6. Data Retention

We retain personal data for the following periods:

Account data

Duration of account + 30 days after deletion

Execution audit logs

Retention defaults vary by account tier and workspace settings. Some records may expire automatically. Enterprise workspaces may configure retention to meet internal compliance policies.

Billing records

7 years (legal requirement)

Support correspondence

3 years from last interaction

Technical logs

90 days

You may request deletion of your account and personal data at any time. We will action deletion requests subject to legal and operational requirements, including obligations to retain certain records such as billing data.

7. Your Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights:

Access

Request a copy of the personal data we hold about you.

Rectification

Request correction of inaccurate or incomplete data.

Erasure

Request deletion of your personal data, subject to legal retention obligations.

Restriction

Request restriction of processing in certain circumstances.

Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing based on legitimate interests.

Withdraw Consent

Withdraw consent for consent-based processing at any time.

Complaint

Lodge a complaint with the Information Commissioner's Office (ICO) if you believe your rights have been infringed.

To exercise any of these rights, contact us at [email protected] or use the legal contact form. We will respond within one calendar month.

Exporting Your Data

Where available within the platform, you can export or download your execution outputs and audit records directly from your account. For a full data export request, contact us using the legal contact form.

Deletion Requests

You may request deletion of your account and associated content at any time. We will action deletion requests subject to legal and operational requirements. Some data, such as billing records, must be retained in accordance with applicable law even after account deletion.

Enterprise Workspace Controls

Enterprise workspace administrators may configure retention settings, manage member access, and request data processing agreements through their account or by contacting our team.

8. Cookies

We use cookies and similar technologies to operate the platform and improve your experience. We distinguish between cookies that are strictly necessary to deliver the service and optional analytics cookies used to understand usage patterns.

Strictly necessary cookies are required for the platform to function and do not require consent. Optional analytics cookies are only placed where you have given your consent. We do not track users by default through optional cookies.

You can manage your cookie preferences at any time through your browser settings or our cookie preference centre. For full details of the cookies we use, please see our Cookie Policy.

9. International Data Transfers

Some of our service providers and AI model providers operate outside the UK and European Economic Area. Where data is transferred internationally, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses approved by the relevant authority
Adequacy decisions where applicable
Other lawful transfer mechanisms

Enterprise customers may request data residency options to restrict processing to specific geographies. Contact our sales team for details.

10. Contact & Complaints

If you have questions about this policy or how we handle your data, please contact us:

Email: [email protected]

Contact Form: Legal Enquiry Form

Post: Majormatic Ltd, London, United Kingdom

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection: ico.org.uk.

Changes to this Policy: We may update this policy from time to time. Material changes will be communicated to account holders by email. The date at the top of this page reflects the most recent revision.