top of page
White Structure

Privacy and Security

Pilot Generative AI – Easy-Read Terms

Important: This is a simplified summary of our Privacy & Security Policy. It is for convenience only. The full legal Privacy Policy always takes precedence.

Introduction – Who We Are

We are Pilot Generative AI Ltd (“Pilot”, “we”, “our”).
We provide AI tools and services such as EddyAI MIND, EddyAI FLOW, Eddy LEAD, Pilot2Work, and Pilot4Justice.

We take your privacy and data protection seriously. This summary explains how we collect, use, and protect your data.

What Data We Collect

Depending on how you use Pilot, we may collect:

  • Basic details: name, email, phone number, job role, organisation.

  • Login info: usernames, passwords, access permissions.

  • Learning/safeguarding data: only if entered by schools, employers, or organisations we work with.

  • Device details: IP address, browser type, logs.

  • Messages: support enquiries, feedback, or chat transcripts.

  • Cookies: to improve our websites (see our Cookies Policy).

How We Use Your Data

We only use your data when necessary and lawful. Typical reasons include:
✅ To provide and manage access to our platforms.
✅ To keep systems secure and working properly.
✅ To support education, employability, safeguarding, and justice programmes.
✅ To respond to enquiries or support requests.
✅ To improve our services using anonymised or aggregated data.
❌ We never sell your personal data.

Who Controls Your Data

  • Sometimes we are the Data Controller (e.g. website visitors, demo accounts, direct subscribers).

  • Sometimes we are the Data Processor (e.g. student/learner data managed on behalf of schools or employers).

  • Either way, we apply the same high privacy and security standards.

How Long We Keep Data

  • Only for as long as needed to deliver services or meet legal requirements.

  • Student/learner data is usually deleted or anonymised within 7 years after leaving an institution (unless law requires longer).

Your Rights

Under UK GDPR, you have rights over your data, including the right to:

  • Access a copy of your data.

  • Correct mistakes.

  • Ask for deletion (“right to be forgotten”).

  • Restrict or object to certain processing.

  • Request your data in a portable format.

If we are the Controller, contact us directly.
If we are the Processor, contact your school, employer, or organisation.

How We Keep Data Safe

We use strong safeguards such as:

  • Encryption in transit and at rest.

  • Strict access controls and multi-factor authentication.

  • Regular security testing, monitoring, and audits.

  • Staff training in data protection and safeguarding.

  • Disaster recovery and breach response plans.

International Data Transfers

Most data is stored in the UK or EEA.
If data goes outside these regions, we use approved safeguards like UK adequacy decisions or standard contractual clauses.

Safeguarding

Because many clients work with children, young people, or vulnerable adults:

  • Staff are trained in safeguarding and child protection.

  • Our platforms include tools to help schools and organisations meet safeguarding duties.

  • AI outputs are support tools only – never a substitute for professional judgment.

Data Breaches

  • If acting as a Processor, we notify the Controller quickly (within 72 hours where required).

  • If acting as a Controller, we notify the ICO and affected individuals when legally required.

Contact Us

Data Protection Officer (DPO): Piers Bennett
📧 Email: info@pilotgenerativeai.com
📍 Address: Ascend Co Working, 1st Floor Pentagon Shopping Centre, Chatham, ME4 4HY

If unhappy, you can escalate to the UK Information Commissioner’s Office (ICO) at ico.org.uk

bottom of page