Breezi Ai

Legal

Privacy policy.

Last updated: 8 May 2026 · Version 0.1 (draft)

Draft — not yet legally reviewed This is a UK GDPR template. It has not been reviewed by a privacy specialist or lawyer. Do not rely on it as final policy. Breezi Ai is in the process of arranging legal review and will publish a finalised version below this notice.

This policy explains what information Breezi Ai collects when you use our website, sign up for the Tuesday Memo, become a member, or contact us — and what you can do about it.

On this page

  1. Who we are
  2. What data we collect
  3. Why we collect it (lawful basis)
  4. How long we keep it
  5. Who we share it with
  6. International transfers
  7. Your rights
  8. Cookies
  9. Children
  10. Changes to this policy
  11. How to contact us

1. Who we are

Breezi Ai is a UK-based Ai consultancy and membership service. For the purposes of UK GDPR, Breezi Ai is the data controller of personal data processed in connection with the website, the Tuesday Memo, member services, and consultancy enquiries.

Trading address and registered details: to be confirmed before publication.

2. What data we collect

Information you give us

  • Your name and email address when you sign up to the Tuesday Memo or contact us via the website.
  • Account information (name, email, business details, billing address, member tier) when you become a paying member.
  • The content of any messages you send us — through the website, WhatsApp, member dashboard, or email.
  • Optional onboarding profile information (business type, working pattern, what you want help with) you provide voluntarily to improve our replies.

Information we collect automatically

  • Standard server logs (IP address, browser type, timestamps) for security and abuse prevention.
  • Cookies and analytics data — only after you opt in. See Cookies below.

Payment information

We use Stripe to handle payments. We do not see, store, or process your card details. Stripe collects this information directly under its own privacy policy: stripe.com/gb/privacy. We receive only the data required to confirm a payment (e.g. transaction ID, last four digits of card, billing name and email).

3. Why we collect it (lawful basis)

Under UK GDPR, every piece of processing needs a lawful basis. Ours are:

  • Contract. When you become a member, we process your data to provide the service you paid for — replies to your questions, member dashboard access, billing.
  • Consent. For the Tuesday Memo and any other marketing email, we only send you messages if you have explicitly opted in. You can withdraw consent at any time using the unsubscribe link in any email or by contacting us.
  • Legitimate interest. For security logging, fraud prevention, and basic analytics needed to keep the service running. We balance this against your rights and interests.
  • Legal obligation. Where we have to keep records for tax, accounting, or regulatory reasons.

4. How long we keep it

  • Tuesday Memo subscribers: for as long as you remain subscribed. We delete your record within 30 days of you unsubscribing, except where we are required to retain it for a longer period.
  • Members: for the duration of your membership plus 6 years afterwards (UK statutory retention period for financial records).
  • Contact form enquiries: 24 months from the date of your enquiry, then deleted.
  • Server logs: 90 days, then automatically purged.
  • Cookie consent records: 12 months, after which we ask again.

5. Sub-processors

We rely on a small number of trusted sub-processors to run the service. We share personal data with these third parties only as required to deliver what you have asked for. Each sub-processor is bound by a data processing agreement, and we keep the list short on purpose.

  • Stripe (payments): card processing, billing, refunds.
  • Mailchimp (email delivery, once activated): Tuesday Memo and member announcements.
  • GoDaddy (web hosting): server-level storage of website data.
  • Cloudflare (content delivery and DDoS protection): proxies and caches website traffic.
  • Google (analytics, only if you opt in): traffic and usage statistics.
  • Anthropic (Ai inference, when you submit a question): the content of your questions may be processed through Anthropic’s Claude API to draft responses we then review and personalise. Anthropic does not retain question content for training. See anthropic.com/legal/privacy.

We do not sell your personal data to anyone. Ever.

6. International transfers

Some of our processors are based outside the UK. Where data is transferred internationally, we rely on UK Adequacy Regulations or Standard Contractual Clauses (UK Addendum) as required by UK GDPR. Specifically:

  • Stripe: UK and Ireland.
  • Mailchimp: United States (under UK Addendum to EU SCCs).
  • Anthropic: United States (under UK Addendum to EU SCCs).
  • Google: United States (under UK Addendum and EU–US Data Privacy Framework).

7. Your rights

Under UK GDPR, you have the following rights with respect to your personal data:

  • Right of access. Ask us to confirm what data we hold about you and provide a copy.
  • Right to rectification. Ask us to correct inaccurate or incomplete data.
  • Right to erasure (the “right to be forgotten”). Ask us to delete your data, subject to our legal obligation to retain certain records (e.g. financial records).
  • Right to restrict processing. Ask us to pause processing while a dispute or correction is resolved.
  • Right to data portability. Receive your data in a machine-readable format and transfer it to another controller.
  • Right to object. Object to processing based on legitimate interest, including profiling for marketing.
  • Right to withdraw consent. Where we rely on consent, you can withdraw it at any time. This does not affect processing done before you withdrew.
  • Right to complain to the ICO. If you believe we have not handled your data properly, you can complain to the UK Information Commissioner’s Office at ico.org.uk/make-a-complaint.

To exercise any of these rights, use the request form: Submit a privacy request →

We will respond within one calendar month. There is no fee. We may need to verify your identity before actioning a request.

8. Cookies and consent banner

When you first arrive, a cookie consent banner asks you to accept or decline non-essential cookies. You can change your choice any time by clearing your browser cookies and reloading the site. We use a small number of cookies on this site. They fall into two categories:

  • Strictly necessary. These keep the site working — member login sessions, your cookie consent choice, payment processing. They cannot be turned off because the site does not work without them.
  • Analytics (optional). If you opt in, we use Google Analytics to understand how visitors find and use the site. These are only set after you click “Accept” on the cookie banner.

You can change your cookie choice at any time by clicking the cookie icon at the bottom of any page, or by clearing your browser cookies for breeziai.uk.

9. Children

Breezi Ai is a business service. It is not intended for children under 18, and we do not knowingly collect personal data from children. If you believe a child has submitted information, contact us and we will delete it.

10. Changes to this policy

We may update this policy. The “last updated” date at the top reflects the most recent change. For material changes that affect your rights, we will notify members and Tuesday Memo subscribers by email.

11. How to contact us

For privacy questions or to exercise any of your rights, use the request form or email us:

We aim to respond to all privacy queries within 5 working days, and to formal data rights requests within one calendar month, as required by law.

Submit a privacy request →