Privacy notice

1. Who is the data controller

The data controller is Darent Labs Ltd, a private limited company registered in England & Wales (company number 17256459) with its registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ. Our ICO registration number is ZC163875.

For any privacy question, email [email protected].

2. What data we collect, and why

We collect the following categories of personal data and process them on the legal bases shown:

• Account and identity data — your email address (required for sign-in) and the display name you provide. Lawful basis: contract.
• Profile data you provide for personalisation — information about your council, your area, and the topics you care about, used to configure what the service produces for you. Lawful basis: contract.
• Content you upload for processing — documents you submit for summarisation. We extract the text needed to produce your summary and do not retain the original file. Lawful basis: contract.
• Items returned by your weekly digest — titles, short snippets, links, and source information for items considered relevant to you. Full article bodies are not stored. Lawful basis: contract.
• Parish-report content — the notes you save during the month (pasted text, dropped emails, dropped documents), the AI-generated drafts, and any chat messages exchanged with the assistant while drafting a report. Source files (emails, attachments) are not retained beyond processing; only the extracted text and the AI output persist. Lawful basis: contract.
• Feedback you submit — what you wrote and the page you submitted it from. Lawful basis: contract.
• Exit feedback— if you cancel or delete your account and choose to tell us why, the reason you give. If you are deleting your account and explicitly opt in, we also keep your email address so we can contact you about the product in future; otherwise the reason is stored without anything identifying you. Lawful basis: consent. See “How long we keep it” below.
• Technical, usage, and security logs — request metadata, error messages, and aggregate API-usage counts. These do not include your name, email, or content. Lawful basis: legitimate interest in running and securing the service.
• Authentication data — short-lived sign-in tokens and an encrypted session cookie when you sign in. See our Cookies notice. Lawful basis: contract.
• Subscription consent record — when you start a subscription, we record the timestamp, IP address, and browser user-agent of your express consent that the service start immediately, together with the version of the Terms and this notice you accepted. Lawful basis: legal obligation (Consumer Contracts Regulations 2013) and our legitimate interest in evidence of contract formation.

Providing your email address and basic profile details is necessary for us to create and run your account — without them we can't provide the service. Anything beyond that is optional.

We use AI to generate summaries, digests, and report drafts at your request. We do not make any decision about you based solely on automated processing that produces legal effects concerning you or similarly significantly affects you.

3. Service providers

We rely on third-party service providers to deliver CouncillorOS, in the following categories: payment processing, transactional email delivery, AI processing of your content, hosting, and CDN/security. Each is bound by a written data-processing agreement with us. The current named list of providers is published on our processors pageand is updated when it changes; please check there for the up-to-date roster and links to each provider's own privacy policy.

3a. When you input other people's information

CouncillorOS lets you paste or upload material — casework emails, council documents, parish activity — that may contain personal data about residents, officers, or other people. As between you and us, you are the data controller of that information and we act as your processor, handling it only to produce the output you ask for and on your instructions. You are responsible for having a lawful basis to provide it to us and for meeting your own obligations to those individuals. If someone contacts us about data you have put into the service, we'll refer them to you.

4. Where your data is stored

Your account data is hosted in the European Economic Area. Delivering some features means your content is processed by providers based in the United States — in particular the AI models that generate your summaries, digests, and report drafts. Where data is transferred outside the UK we rely on the UK International Data Transfer Agreement, the EU Standard Contractual Clauses with the UK Addendum, or an equivalent safeguard, supported by a transfer risk assessment.

5. How long we keep it

Account data is retained for the lifetime of your account and is deleted when you close your account. Operational records — server logs, monitoring data, and email-delivery records — are kept only as long as we need them to run and secure the service and support you, then deleted; in practice a matter of months, not years. Database backups are held on a short rolling cycle (currently about a month). Sign-in tokens are deleted on first use or expiry. Payment records held by our payment processor are retained per their policy and applicable financial law (typically seven years). We review retention periods periodically.

Parish reports auto-expire twelve months after they are finalised. The body text, notes, and chat history of an expired report are cleared automatically; we keep timestamps, filenames, and token counts as a billing-dispute record. You can delete an unexpired report sooner from the parish-reports page.

Where you delete your account and opt in to being contacted, we keep the email address you gave for up to 24 months, after which it is deleted and only the anonymous reason remains. You can ask us to delete it sooner at [email protected].

6. Your rights

Under UK GDPR you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectify — correct anything inaccurate. Most of your profile is editable directly at /settings.
• Erase — delete your account at /settings; deletion is immediate and irreversible (subject to backup retention above). Closing your account removes everything keyed to it — document summaries, digest items, parish reports (including notes and chat history), and feedback — via database-level cascade.
• Port — request a structured export of your data. Email [email protected] and we'll respond within 30 days.
• Object— to processing based on legitimate interest. We'll evaluate and respond.
• Restrict — ask us to limit how we use your data while a concern (for example an accuracy or objection request) is being resolved.
• Withdraw consent— where we rely on your consent (for example exit-feedback contact), you can withdraw it at any time. Withdrawing doesn't affect anything we did before you withdrew.
• Complain— to the Information Commissioner's Office (ico.org.uk) if you think we're mishandling your data.

7. Security

We use industry-standard encryption in transit and at rest, restrict database access on a need-to-know basis, and maintain regular backups. We do not log sensitive content (your document text, summary text, or email contents). No system is perfectly secure; if a breach occurs that's likely to result in a risk to your rights and freedoms, we'll notify the ICO within 72 hours and you without undue delay.

8. Children

The service is not directed at children. UK councillors are adults; we don't knowingly collect data from anyone under 18. If you believe we have, contact us and we'll delete it.

9. Cookies

See our separate Cookies notice.

10. Changes to this notice

We'll update the “Last updated” date at the top of this page when this notice changes. For changes that materially affect what we do with your data, we'll email you in advance.