Privacy Policy

Last updated: 28 February 2026

1. Who We Are

WalkQuote Ltd (“we”, “us”) is the data controller for personal data processed through the WalkQuote platform. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What We Collect

We collect the following categories of personal data:

  • Account information: name, email address, business name, password (hashed)
  • Business data: customer records, quotes, invoices, job details, price lists, photos
  • Voice recordings: audio captured during voice-to-quote sessions, processed into text transcripts
  • Usage data: pages visited, features used, device type, browser type
  • Payment data: processed securely by Stripe; we do not store card numbers

3. How We Use It

We process your data for the following purposes:

  • Providing and improving the Service (contractual necessity)
  • Processing voice recordings into quote line items (contractual necessity)
  • Sending transactional emails: quote notifications, invoice reminders, password resets (contractual necessity)
  • Analytics to improve the platform (legitimate interest)
  • Marketing communications only with your explicit consent

4. Voice Data

Voice recordings are processed using third-party AI services (OpenAI) to generate text transcripts and extract quote items. Recordings are transmitted securely via TLS encryption. We do not use your voice data to train AI models. Voice recordings are stored for the duration of your account and deleted within 30 days of account closure.

5. Data Sharing

We share data only with the following categories of processors:

  • Neon (database hosting): stores your business data in the EU/UK
  • Vercel (hosting): serves the web application
  • OpenAI (AI processing): processes voice transcripts
  • Stripe (payments): handles subscription billing
  • Resend (email): delivers transactional emails

We do not sell your personal data. We do not share it with advertisers.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Anonymised analytics data may be retained indefinitely.

7. Your Rights (UK GDPR)

You have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate data
  • Erasure: request deletion of your data
  • Portability: export your data in CSV format
  • Restriction: limit how we process your data
  • Objection: object to processing based on legitimate interest
  • Withdraw consent: for any processing based on consent

To exercise any of these rights, email privacy@walkquote.com. We will respond within 30 days.

8. Cookies

We use essential cookies only: a session cookie to keep you logged in and a CSRF token for security. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. International Transfers

Some processors (OpenAI, Vercel) may process data in the United States under Standard Contractual Clauses approved by the UK Information Commissioner’s Office. Stripe processes payment data in the EU/UK.

10. Children

WalkQuote is not intended for individuals under 18. We do not knowingly collect data from children.

11. Changes

We may update this policy from time to time. Material changes will be communicated via email. The “Last updated” date at the top indicates the most recent revision.

12. Contact & Complaints

Data Controller: WalkQuote Ltd

Email: privacy@walkquote.com

If you are unsatisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.