Privacy notice

Last updated: 29 May 2026

This is the privacy notice for the AI audit you can take on this site. It explains exactly what happens to your answers and your email — what we collect, why, who else sees it, and when it gets deleted. No legal boilerplate; this describes what the site actually does.

1. Who runs this site

This site is run by Chanikul Dechpholkrang, a UK-based AI consultant based in Plymouth, Devon. For the purposes of UK GDPR, Chanikul is the data controller — the person who decides what data is collected and why.

If you have any question about your data, email chanikul@googlemail.com.

2. What we collect, when, and why

  • Your audit answers. When you submit the audit, we collect the ten questions you answer — your size and revenue bands, industry, the admin hours and loaded cost you enter, your top tasks, and a few optional free-text questions. We use these to generate your audit verdict and to estimate where AI could save you money.
  • Your email address. We only collect this if you choose to enter it at the email gate to unlock your verdict. We use it to email you the verdict and a short series of follow-up tips. This is based on the consent you give with the checkbox on that screen.
  • Marketing attribution (UTM tags). If you arrive from a campaign link that has utm_ parameters in the URL, we record those so we know which campaign sent you. That is all they are used for.
  • Browser session storage. Your verdict is held briefly in your own browser's session storage so the result page can show it without another round trip to the server. It stays on your device, on this same site, and is cleared when you close the tab. It is not a cookie and it is not sent to any third party.

3. Who else sees your data

To run the audit we rely on a small number of trusted suppliers (“processors”). Here is each one and exactly what it sees:

  • Anthropic (Claude AI). Receives your audit answers so its AI model can write your verdict. We don't send your name or email with them — the only personal data that could reach Anthropic is anything you type into the free-text answers yourself. Anthropic is US-based; transfers are covered by Standard Contractual Clauses (SCCs).
  • Resend. Our email provider. Receives your email address and the verdict content so it can send you the audit email. EU-hosted delivery is available.
  • GoHighLevel. Our CRM. Once you give your email, we add your email and a few summary fields from your audit (industry, size and revenue band, estimated leakage) so we can follow up. GoHighLevel is US-based.
  • Stripe. Only used if you buy the £47 roadmap. Stripe handles the payment and your card details entirely on its own PCI-DSS-compliant systems — no card data ever touches our servers.
  • Vercel. Hosts the site. Like any web host, it processes standard request logs (such as IP address and browser type) to serve pages and keep the service running.
  • Neon (PostgreSQL). Our database. Stores your audit record. Hosted in a UK/EU region.

4. How long we keep it

  • Your answers and verdict. The audit record in our database — your free-text answers and the generated result — is scheduled for deletion 30 days after you create it. That 30-day cut-off is stamped onto every record the moment it's saved.
  • Your email and lead record. The minimal lead record in our CRM — your email and the summary fields above — is kept while your consent is active, so we can follow up. We remove it if you reply STOP, use the unsubscribe link, or ask us in writing to delete it.

5. Our legal basis (UK GDPR)

  • Consent — for emailing you and adding you to our CRM for follow-up. This is the explicit checkbox you tick at the email gate, and you can withdraw it at any time.
  • Legitimate interest — for generating your audit verdict from the answers you submit. You asked for the audit; producing it is the legitimate interest that lets us process those answers.

6. Your rights

Under UK GDPR you have the right to:

  • access the data we hold about you;
  • have inaccurate data corrected;
  • have your data erased;
  • object to how we use it;
  • receive your data in a portable format.

To exercise any of these, email chanikul@googlemail.com. To stop marketing emails, you can also simply reply STOP to any email we send, or use the unsubscribe link in it.

If you think we've mishandled your data, you can complain to the UK's Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookies and analytics

This site sets no marketing or advertising cookies, and we don't track you across other sites. The only browser storage we use is the session storage described in section 2 — a same-site scratchpad that holds your verdict on your own device and is cleared when you close the tab.

We don't currently run any third-party analytics. If we ever add analytics, we'll use a privacy-friendly, cookieless tool (Plausible) that doesn't track individuals or set cookies — and we'll update this notice before doing so.

8. Updates to this notice

If we change how we handle your data, we'll update this page and change the “last updated” date at the top. This is the first published version (29 May 2026).

9. Contact

For any data protection enquiry — access, correction, deletion, or just a question about this notice — email chanikul@googlemail.com. We'll get back to you.