Skip to main content
MissionOpsAI
Last updated: 1 March 2026

Privacy Policy

1. Data Controller

MissionOpsAI Ltd (company registration number 14437210), a company incorporated in England and Wales, is the data controller in respect of personal data processed under this policy. We are registered with the Information Commissioner's Office (ICO) under registration reference CSN1910644.

This Privacy Policy explains how we collect, use, store, and share personal data in connection with the MissionOpsAI Platform and our website at missionopsai.com. It is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about how we handle your personal data, please contact us at legal@missionopsai.com.

2. Personal Data We Collect

Website visitors: When you visit our website, we may collect technical data including your IP address, browser type, pages viewed, and referring URL. This data is collected via analytics tools only with your consent via our cookie consent mechanism. We do not use this data to identify you personally.

Assessment and contact users: When you complete our AI readiness assessment or contact form, we collect your name, email address, organisation name, job title, and the information you provide in response to assessment questions. This data is used to provide you with assessment results, follow up on your enquiry, and (with your consent) send relevant communications.

Platform users: When you access the MissionOpsAI Platform, we collect account registration data (name, email, organisation), usage logs, authentication data, and any Content you upload or generate within the Platform. We may also collect technical telemetry data to monitor platform health and performance.

3. Legal Bases for Processing

We rely on the following legal bases under UK GDPR Article 6 to process personal data:

  • Contract performance — processing necessary to provide the MissionOpsAI Platform services under our Terms and Conditions.
  • Legitimate interests — processing for security monitoring, fraud prevention, platform improvement, and direct marketing to existing customers and prospects, subject to your right to object.
  • Consent — analytics cookies and email marketing to non-customers, where we rely on your explicit consent which you may withdraw at any time.
  • Legal obligation — processing required to comply with applicable laws including tax, anti-money laundering, and regulatory requirements.

4. How We Use Your Data

We use personal data to: provide and administer the MissionOpsAI Platform; respond to enquiries and provide customer support; send transactional communications related to your account; conduct security monitoring and prevent fraudulent or unauthorised access; comply with legal and regulatory obligations; and improve our platform and services.

We do not sell personal data to third parties. We do not use your Content to train AI models operated by third parties without your explicit written consent.

5. Data Sharing and Processors

We may share personal data with carefully selected third-party processors who provide services to us, including cloud hosting (Hetzner Online GmbH, Germany), payment processing, and email services. All processors are subject to data processing agreements requiring them to process data only on our documented instructions and to maintain appropriate security measures.

Where AI inference is used within the Platform, prompts and content may transit through API providers. We ensure that such transfers do not result in personal data being stored by those providers beyond the duration of the processing request. Full details of our sub-processors are available in our Data Processing Agreement.

6. International Transfers

We host all platform data on servers located within the European Economic Area (Hetzner, Germany/Finland). We do not transfer personal data to countries outside the UK/EEA as a matter of routine. Where any transfer outside the UK/EEA is necessary, we will ensure an appropriate safeguard is in place, such as the International Data Transfer Agreement (IDTA) approved by the ICO, or Standard Contractual Clauses (SCCs).

7. Retention Periods

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law:

  • Active account data: retained for the duration of the subscription plus 12 months.
  • Correspondence and support records: 3 years from the date of last interaction.
  • Financial and billing records: 7 years (legal obligation under HMRC requirements).
  • Website analytics: 13 months rolling.
  • Security logs: 12 months.

Upon expiry of the applicable retention period, data is securely deleted or anonymised.

8. Your Rights

Under UK GDPR, you have the following rights in respect of your personal data:

  • Right of access — to obtain a copy of the personal data we hold about you.
  • Right to rectification — to have inaccurate data corrected.
  • Right to erasure — to request deletion of your data in certain circumstances.
  • Right to restriction — to restrict processing in certain circumstances.
  • Right to data portability — to receive your data in a structured, machine-readable format.
  • Right to object — to processing based on legitimate interests or for direct marketing.
  • Rights related to automated decision-making — not to be subject to solely automated decisions with significant effects.

To exercise any of these rights, please contact us at legal@missionopsai.com. We will respond within one month. You also have the right to lodge a complaint with the ICO at ico.org.uk.

9. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction, including encryption at rest (AES-256) and in transit (TLS 1.3), access controls, and regular security assessments. Further details are available in our Security Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Platform. The current version will always be available at missionopsai.com/legal/privacy.

UK SOIL · HETZNER SOVEREIGN INFRASTRUCTURE · NO CLOUD ACT COMPELLABILITY · SOVEREIGN MIND v1.1 GOVERNANCE · JSP 936 ARCHITECTURE · NATO PRU COMPLIANT · BYOM/BYOK/BYOD · WARRANT-ATTESTED API CONTRACTS · SC-CLEARED FOUNDER · MISSION COMMAND RELEASE GATES · CHRONICLE FULL AUDIT TRAIL

MissionOpsAI

Sovereign AI orchestration with Mission Command governance. European infrastructure. Zero compromise.

Sovereign AI insights newsletter
© 2026 MissionOpsAI Ltd. All rights reserved.
Company No: 14437210 · VAT No: GB 433426806 · Registered in England and Wales
Registered Office: The Top Floor, Kings Road, Bury St Edmunds, IP33 3DE
Cyber Essentials Certified
JSP 936 Aligned·NATO PRU Compliant·SC-Cleared Founder· LinkedIn