top of page

Privacy Policy

PRIVACY POLICY - CARBO GPT (incl. CARBO.CLOUD & GETCARBO.CO.UK)

https://CARBO.CLOUD

https://GETCARBO.CO.UK

Note: CARBO.CLOUD includes GETCARBO.CO.UK as a premises.

 

Last updated: 17th December 2025

 

 

1. Introduction

 

CARBO GPT(“CARBO”, “we”, “us”, “our”) is committed to protecting and respecting your privacy.

 

This Privacy Policy explains how we collect, use, store, disclose, and protect personal data when you use the CARBO.CLOUD platform, website, applications, and related services (collectively, the “Services”).

 

This policy applies to:

 

  • Visitors to our website

  • Registered users and account holders

  • Clients, customers, and authorised users of client accounts

  • Business contacts and communications

 

By using CARBO GPT, you acknowledge that you have read and understood this Privacy Policy.

 

 

2. Who We Are (Data Controller)

 

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, CARBO GPT acts as a Data Controller in relation to personal data processed through the Services.

 

Controller:

CARBO.CLOUD

Operated by: The A17 Business Group Ltd

Registered in England and Wales

Company Number: 16148045

 

Contact Email: support@carbo.cloud

Registered Office: 19 Dedmere Road, Marlow, SL71PE

 

 

3. Definitions

 

  • “Personal Data” means any information relating to an identified or identifiable individual.

  • “Processing” means any operation performed on personal data (collection, storage, use, disclosure, deletion, etc.).

  • “User” means any individual accessing or using the Services.

  • “Client” means a business or organisation that holds an account with CARBO GPT.

  • “UK GDPR” refers to the UK General Data Protection Regulation.

 

 

4. Data We Collect

 

 

4.1 Information You Provide Directly

 

We may collect the following personal data when you register, communicate with us, or use the Services:

 

  • Full name

  • Email address

  • Phone number

  • Business name and role

  • Billing and invoicing details

  • Account login credentials (hashed and encrypted)

  • Communications sent to us (support requests, emails, feedback)

  • User-generated content submitted within the platform

 

 

4.2 Information Collected Automatically

 

When you use CARBO GPT, we may automatically collect (including but not limited to):

 

  • IP address

  • Device and browser information

  • Operating system

  • Usage data, logs, and interaction data

  • Date, time, and duration of access

  • Referring URLs

 

 

4.3 Client-Provided Data

 

Where you are an authorised user of a Client account, we may process personal data uploaded or entered by the Client, which may include:

 

  • Employee or contractor details

  • Client or customer records

  • Operational, administrative, or business data

 

In these cases, CARBO GPT typically acts as a Data Processor, and the Client is the Data Controller.

 

 

5. Lawful Bases for Processing

 

We process personal data only where we have a lawful basis under UK GDPR, including:

 

  • Contractual necessity – to provide and operate the Services

  • Legitimate interests – to improve, secure, and operate our platform

  • Legal obligation – to comply with applicable laws and regulations

  • Consent – where explicitly required (e.g. marketing communications)

 

 

6. How We Use Personal Data

 

We use personal data to:

 

  • Create and manage user accounts

  • Authenticate users and enforce access controls

  • Provide, maintain, and improve the Services

  • Process payments and manage subscriptions

  • Respond to support requests and enquiries

  • Monitor platform performance and security

  • Detect, prevent, and investigate fraud or misuse

  • Comply with legal and regulatory obligations

 

We do not sell personal data.

 

 

7. AI and Automated Processing

 

CARBO GPT uses automated systems, including artificial intelligence, to:

 

  • Provide assistance, insights, or recommendations

  • Automate workflows and operational tasks

  • Improve system performance and user experience

 

Automated processing is designed to support users and does not make legally binding or significant decisions without human oversight unless explicitly stated.

 

 

8. Cookies and Tracking Technologies

 

We use cookies and similar technologies to:

 

  • Ensure platform functionality

  • Improve performance and reliability

  • Understand how users interact with the Services

 

You can control cookies through your browser settings. Disabling cookies may affect functionality.

 

A separate Cookie Policy may apply.

 

 

9. Data Sharing and Disclosure

 

We may share personal data only where necessary and lawful, including with:

 

 

9.1 Service Providers

 

Trusted third parties who support our operations, such as:

 

  • Hosting and infrastructure providers

  • Payment processors

  • Analytics and monitoring tools

  • Customer support platforms

 

All service providers are contractually bound to protect data.

 

 

9.2 Legal and Regulatory Authorities

 

Where required to comply with:

 

  • Legal obligations

  • Court orders

  • Regulatory requests

 

 

9.3 Business Transfers

 

In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction.

 

 

10. International Data Transfers

 

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including:

 

  • Adequacy regulations

  • Standard contractual clauses

  • Equivalent legal protections

 

 

11. Data Security

 

We implement appropriate technical and organisational measures to protect personal data, including:

 

  • Encryption at rest and in transit

  • Access controls and authentication

  • Role-based permissions

  • Regular security monitoring

  • Secure hosting environments

 

Despite these measures, no system is completely secure. Users are responsible for keeping login credentials confidential.

 

 

12. Data Retention

 

We retain personal data only for as long as necessary to:

 

  • Fulfil the purposes outlined in this policy

  • Comply with legal obligations

  • Resolve disputes and enforce agreements

 

When data is no longer required, it is securely deleted or anonymised.

 

 

13. Your Rights Under UK GDPR

 

You have the right to:

 

  • Access your personal data

  • Request correction of inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time (where applicable)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

 

To exercise your rights, contact: support@carbo.cloud

 

 

14. Children’s Data

 

CARBO GPT is not intended for individuals under the age of 16. We do not knowingly collect data from children. If such data is identified, it will be deleted.

 

 

15. Third-Party Links

 

The Services may contain links to third-party websites or services. We are not responsible for their privacy practices and encourage users to review their policies independently.

 

 

16. Changes to This Policy

 

We may update this Privacy Policy from time to time. Changes will be posted on this page and, where appropriate, notified to users.

 

Continued use of the Services after changes take effect constitutes acceptance of the updated policy.

 

 

17. Contact Us

 

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, contact:

 

Email: support@carbo.cloud

Company: The A17 Business Group Ltd

Trading As: CARBO GPT

bottom of page