top of page

Privacy Policy

A Legal Disclaimer

PRIVACY POLICY

NUANCE AI LTD

Digital Asset Management(DAM)& AI Cryptographic Image Services

Last updated: 14 May 2026

 

1. Who We Are

NUANCE AI LTD (“NUANCE AI", "we", "us", or "our") is a company registered in England and Wales, operating from London, United Kingdom. We provide two core services:

  • Digital Asset Management (DAM) — a platform that allows individuals and businesses to upload, store, organise, and search digital files including images, videos, documents, and audio, powered by artificial intelligence.

  • AI Cryptographic Image Services — a service that uses artificial intelligence to generate, verify, watermark, and cryptographically sign digital images, providing authenticity, provenance, and tamper-detection capabilities.

 

As the controller of your personal data, we are responsible for ensuring it is handled lawfully, transparently, and securely in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

If you have any questions about this policy or how we handle your data, please contact our Data Protection contact at:

Email: info@nuanceailtd.com

Address: NUANCE AI LTD, London, United Kingdom

 

2. What Personal Data We Collect

2.1 Data You Provide Directly

  • Account information — name, email address, password (stored encrypted), and company name when you register.

  • Billing information — payment card details processed and stored securely by Stripe. We do not store full card numbers on our systems.

  • Profile information — job title, profile picture, and communication preferences.

  • Support communications — messages, emails, or chat transcripts when you contact our support team.

2.2 Data We Collect Automatically

  • Usage data — pages visited, features used, time spent, search queries entered, and actions taken within our platform.

  • Device and technical data — IP address, browser type, operating system, screen resolution, and device identifiers.

  • Cookies and tracking — session cookies, preference cookies, and analytics cookies (see Section 9 for full details).

  • Log data — server logs including access times, errors, and API requests.

2.3 Data Specific to Our DAM Service

  • Uploaded files — images, videos, documents, audio files, and any other assets you upload to our platform.

  • AI-generated metadata — tags, descriptions, and collection suggestions automatically generated by our AI when you upload files.

  • File metadata — filenames, file sizes, upload dates, and modification history.

  • Collaboration data — comments, shared access permissions, and team activity logs.

2.4 Data Specific to Our AI Cryptographic Image Service

  • Source images — images submitted for cryptographic signing, watermarking, or authenticity verification.

  • Cryptographic identifiers — unique hashes, signatures, and provenance records generated for each processed image.

  • Verification logs — records of when and by whom an image was verified, including IP address and timestamp.

  • AI generation prompts — text prompts or parameters submitted to generate AI images (where applicable).

 

3. Our Legal Basis for Processing Your Data

Under UK GDPR, we must have a valid legal basis for processing your personal data. We rely on the following:

  • Contract performance — to provide you with our DAM and AI cryptographic image services as agreed when you created your account.

  • Legitimate interests — to improve our services, prevent fraud, maintain security, and send relevant product communications. We balance these interests against your rights and will not override them.

  • Legal obligation — to comply with UK laws including financial record-keeping, fraud prevention, and lawful data requests from authorities.

  • Consent — for optional marketing communications and non-essential cookies. You may withdraw consent at any time without affecting services already provided.

 

4. How We Use Your Data

4.1 To Provide and Operate Our Services

  • Creating and managing your account and team workspace.

  • Processing file uploads and running AI analysis for tagging, description, and collection suggestions.

  • Generating cryptographic signatures, watermarks, and provenance certificates for images.

  • Enabling search, sharing, and collaboration features within your organisation.

  • Processing payments and managing your subscription.

4.2 To Improve Our Services

  • Analysing usage patterns to identify bugs, improve features, and optimise performance.

  • Training and improving our AI models using aggregated and anonymised data (never your identifiable personal information without explicit consent).

  • Conducting internal research and product development.

4.3 To Communicate With You

  • Sending transactional emails including account confirmations, invoices, and security alerts.

  • Providing customer support and responding to your queries.

  • Sending product updates, new features, and service announcements (you may opt out at any time).

  • Sending marketing communications where you have given consent.

4.4 For Security and Legal Compliance

  • Detecting, preventing, and investigating fraud, abuse, or security incidents.

  • Complying with legal obligations, court orders, or requests from UK regulatory authorities.

  • Enforcing our Terms & Conditions.

 

5. Your Uploaded Files and Content

Files you upload to the DAM platform remain your property at all times. We do not claim ownership over your content. We process your files solely to provide the services you have requested, including:

  • Running AI analysis to generate tags, descriptions, and suggested collections.

  • Storing files securely on encrypted cloud infrastructure.

  • Enabling you and your authorised team members to access, search, and manage your files.

 

For the AI Cryptographic Image Service, images submitted for signing or verification are processed to generate cryptographic identifiers. A record of the cryptographic hash and signature is retained to enable future verification, but we do not retain your original images beyond the period necessary to complete processing unless you have an active storage subscription.

 

We do not use your uploaded files or images to train our AI models without your explicit written consent.

 

6. Who We Share Your Data With

We do not sell your personal data. We share it only in the following limited circumstances:

6.1 Service Providers (Data Processors)

We use trusted third-party providers who process data on our behalf under strict data processing agreements:

  • Anthropic — AI analysis and tagging of uploaded assets. Data is processed under Anthropic's API terms and is not used to train their models.

  • Stripe — Payment processing. Stripe is PCI-DSS compliant and processes card data directly.

  •  

6.2 Business Transfers

If Nuance ai is involved in a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. We will notify you via email and provide 30 days' notice before your data is transferred or becomes subject to a different privacy policy.

6.3 Legal Requirements

We may disclose your data if required to do so by law or in response to valid requests from public authorities, such as the Information Commissioner's Office (ICO), police, or courts in the United Kingdom.

 

7. International Data Transfers

Some of our service providers operate servers outside the United Kingdom and European Economic Area (EEA). Where your data is transferred internationally, we ensure adequate protection is in place through one or more of the following:

  • UK International Data Transfer Agreements (IDTAs) or Addendum to EU Standard Contractual Clauses.

  • Transfers to countries with UK adequacy decisions.

  • Binding corporate rules or other approved transfer mechanisms.

 

You may request details of the specific safeguards in place for international transfers by contacting us at privacy@assetiq.co.uk.

 

8. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by law:

  • Account data — retained for the duration of your account plus 2 years after account closure, for legal and dispute resolution purposes.

  • Uploaded files (DAM) — retained until you delete them or close your account. Deleted files are removed from our servers within 30 days.

  • Cryptographic records — verification hashes and provenance records are retained for 7 years to support long-term authenticity verification.

  • Billing records — retained for 7 years as required by UK financial regulations.

  • Usage and log data — retained for 12 months for security and performance monitoring.

  • Marketing data — retained until you withdraw consent or opt out.

 

9. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our services and improve your experience. The types we use include:

  • Essential cookies — required for the platform to function. These cannot be disabled.

  • Preference cookies — remember your settings and display preferences.

  • Analytics cookies — help us understand how users interact with our platform. These are anonymised.

  • Marketing cookies — used only with your explicit consent to measure advertising effectiveness.

 

You can manage your cookie preferences at any time via the cookie settings banner on our website. Withdrawing consent for non-essential cookies will not affect your ability to use our core services.

 

10. Your Rights Under UK GDPR

As a UK resident, you have the following rights regarding your personal data. You can exercise any of these rights by contacting us at nuance.studio@outlook.com:

  • Right of access — request a copy of the personal data we hold about you (Subject Access Request).

  • Right to rectification — ask us to correct inaccurate or incomplete personal data.

  • Right to erasure — request deletion of your personal data where there is no lawful reason for us to continue processing it.

  • Right to restrict processing — ask us to pause processing of your data in certain circumstances.

  • Right to data portability — receive your personal data in a structured, machine-readable format and transfer it to another service.

  • Right to object — object to processing based on legitimate interests, including profiling or direct marketing.

  • Rights related to automated decision-making — request human review of any automated decisions that significantly affect you.

 

We will respond to all requests within one calendar month. We will not charge a fee for reasonable requests. If your request is complex, we may extend this by a further two months and will notify you accordingly.

 

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk

  • Helpline: 0303 123 1113

  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 

11. Children's Privacy

Our services are not directed at or intended for use by children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at nuance.studio@outlook.com and we will delete that information promptly.

 

12. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Encryption of data in transit using TLS 1.2 or higher.

  • Encryption of data at rest using AES-256.

  • Role-based access controls limiting internal access to your data.

  • Regular security audits and vulnerability assessments.

  • Cryptographic integrity verification for all images processed through our AI Cryptographic Image Service.

 

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform you without undue delay where required.

 

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data practices. We will notify you of significant changes by:

  • Sending an email to the address associated with your account at least 14 days before changes take effect.

  • Displaying a prominent notice on our website and within the platform.

 

Your continued use of our services after the effective date of the updated policy constitutes your acknowledgement of the changes. We encourage you to review this policy periodically.

 

14. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us:

 

Nuance ai Ltd

Data Protection Contact

Email: nuance.studio@outlook.com

Address: London, United Kingdom

 

We aim to respond to all enquiries within 5 business days.

 

This Privacy Policy is effective as of 14 May 2026 and supersedes all previous versions.

Nuance ai Ltd is registered in England and Wales. UK GDPR & Data Protection Act 2018 compliant.

bottom of page