Legal Documentation

Privacy & Data Processing Policy

Effective Date: June 3, 2026

This Privacy Policy and Data Processing Agreement (the "Policy") outlines how Slate OS, a trading name of Slate Systems Ltd (Company No. 17243517, Registered Office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ) ("we", "us", or "our"), collects, processes, and protects data. Because Slate OS provides enterprise-grade infrastructure for commercial trade operations, this Policy explicitly defines the legal boundaries between our responsibilities and yours.

1. Legal Framework: Controller vs. Processor

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, it is critical to establish the hierarchy of data ownership and liability:

  • You are the Data Controller: You determine the purposes and means of processing the personal data of your clients (the "End-Users"). You are legally responsible for obtaining lawful consent to store their data and contact them via SMS or Email.
  • We are the Data Processor: Slate OS provides the software infrastructure. We process End-User data strictly on your behalf and solely in accordance with your automated or manual commands executed through our interface.
  • Data Subject Access Requests (DSARs): If an End-User contacts Slate OS requesting access to or deletion of their data, we are legally bound to forward this request to you. You bear the sole responsibility for executing the deletion within your Slate OS workspace.

2. Data Categorization & Telemetry

We forensically categorize the data we collect into two distinct vaults:

  • Account Data (Your Data): Information required to maintain your Slate OS subscription. This includes your name, company registration number (CRN), email, phone number, and Stripe billing metadata. We act as the Data Controller for this specific subset of data.
  • Platform Data (End-User Data): Information you input into the CRM regarding your clients, including names, addresses, geospatial coordinates, job values, and communication logs. We act strictly as the Data Processor for this data.

3. The Infrastructure Supply Chain (Sub-Processors)

To deliver enterprise-grade reliability, Slate OS utilizes highly vetted, SOC 2 compliant sub-processors. By using our Service, you authorize data to flow through the following infrastructure partners:

  • Clerk: For biometric and cryptographic identity management and authentication.
  • Stripe: For zero-liability financial routing and payment gateway processing.
  • GoHighLevel: For underlying telecom routing (SMS/Email delivery) and CRM database synchronization.
  • Neon / Vercel: For encrypted PostgreSQL database hosting and edge computing.

4. Artificial Intelligence & Data Sovereignty

Slate OS utilizes advanced Artificial Intelligence (e.g., Google Gemini) to power the Strategic Advisor and analytical engines. We enforce a strict Data Firewall. Your operational telemetry and client data are passed to these AI models via secure, zero-retention enterprise APIs. We legally guarantee that your proprietary business data is never used to train public foundational AI models. The data processing is ephemeral and mathematically sterile.

5. Operational Storage & Session Integrity

Slate OS does not use tracking cookies for advertising or cross-site surveillance. We utilize local storage mechanisms (such as localStorage) strictly to maintain session integrity, cache communication logs for the Spatiotemporal Matcher, and ensure the software functions without latency. Under the Privacy and Electronic Communications Regulations (PECR), these mechanisms are classified as "Strictly Necessary for Service Delivery" and do not require consent banners.

6. Data Retention & The Purge Protocol

Slate OS is not a permanent data backup service. If you terminate your subscription, or if your account is suspended due to non-payment (the "Kill Switch"), we initiate a 30-Day Purge Protocol. We reserve the right to permanently and irreversibly wipe your Postgres Vault and associated telecom sub-accounts 30 days after termination. It is your responsibility to export your data prior to cancellation.

7. Cryptographic Security & Breach Notification

All data in transit and at rest is secured using industry-standard 256-bit AES encryption. However, no system is mathematically impenetrable. In the event of a confirmed data breach affecting your Platform Data, Slate OS will notify you within 72 hours of discovery, providing you with the necessary telemetry to fulfill your own reporting obligations to the Information Commissioner's Office (ICO).

8. Governing Law & Contact

This Policy is governed by the laws of England and Wales. If you have any questions regarding this Data Processing Agreement, or if you need to contact our Data Protection Officer (DPO), please email us at legal@slateos.co.uk.

Slate OS

The operating system for the modern tradesperson.
Stop chasing. Start closing.

© 2026 Slate OS. All Rights Reserved.

Slate OS is a trading name of Slate Systems Ltd. Registered in England & Wales (No. 17243517).

Registered Office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ.

Designed for Excellence.