Privacy Policy
Background
GoSmarter AI (trading name of Nightingale HQ Ltd) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, gosmarter.ai (“our Site”), and will only collect and use personal data in ways described here, consistent with our obligations and your rights under the law.
Please read this Privacy Policy carefully. Your continued use of our Site constitutes acceptance of this Policy.
1. Definitions
- “Account” means an account required to access and/or use certain areas and features of our Site.
- “Cookie” means a small text file placed on your device when you visit our Site. Details of cookies used are set out in our Cookie Policy.
- “Cookie Law” means the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), as amended.
- “UK GDPR” means the UK General Data Protection Regulation as incorporated by the Data Protection Act 2018.
2. Information About Us
Our Site is owned and operated by Nightingale HQ Ltd, a limited company registered in England and Wales under company number 11725529.
- Registered address: Ty Merlin Caerphilly Business Park, Van Road, Caerphilly, Wales, CF83 3GS
- Trading as: GoSmarter AI
- Email: Steph, one of our founders, @ steph@nightingalehq.ai
3. What This Policy Covers
This Privacy Policy applies to your use of our Site. Our Site may link to third-party websites. We have no control over how those sites collect, store, or use your data — please check their privacy policies before providing any data.
4. What Is Personal Data
Under UK GDPR, personal data is any information about an identifiable person who can be directly or indirectly identified, particularly by reference to an identifier such as a name, an identification number, location data, or an online identifier.
5. Your Rights
Under UK GDPR and the Data Protection Act 2018, you have the following rights:
- Right to be informed — this Policy tells you how we use your data.
- Right of access — you can request a copy of the data we hold about you (see Part 13).
- Right to rectification — you can ask us to correct inaccurate or incomplete data.
- Right to erasure — you can ask us to delete your personal data.
- Right to restrict processing — you can ask us to limit how we use your data.
- Right to object — you can object to us using your data for particular purposes.
- Right to withdraw consent — where we rely on consent, you can withdraw it at any time.
- Right to data portability — you can request a copy of your data in a machine-readable format.
- Rights relating to automated decision-making — we do not use automated decision-making that produces legal or similarly significant effects.
Contact us using the details in Part 15 to exercise any of these rights. We will respond within one month.
Further information is available from the Information Commissioner’s Office (ICO): ico.org.uk or 0303 123 1113.
6. What Data We Collect and How
| Data Collected | How We Collect It |
|---|---|
| Name and email address | Contact form, newsletter signup, app account registration |
| Technical interaction data | Analytics cookies (only with your consent — see Cookie Policy) |
We do not collect special category data, data relating to children, or data relating to criminal convictions.
7. How We Use Your Personal Data
Under UK GDPR, we must always have a lawful basis for using personal data.
| What We Do | What Data We Use | Lawful Basis |
|---|---|---|
| Respond to your enquiries | Name, email address | Legitimate interest / contract |
| Send marketing communications (only if you opt in) | Email address | Consent |
| Analyse site usage to improve the site | Anonymous analytics data | Consent (via cookie consent) |
| Deliver targeted advertising | Cookie data (LinkedIn, Facebook) | Consent (via cookie consent) |
We will not send you unsolicited marketing. You may opt out of marketing emails at any time by clicking the unsubscribe link in any email we send.
8. How Long We Keep Your Personal Data
| Data | Retention Period |
|---|---|
| Name and email address | Up to 1 year after last contact |
| Analytics data | Aggregated indefinitely; individual session data 90 days |
| Cookie consent records | 1 year |
9. How and Where We Store or Transfer Your Personal Data
Some of our third-party processors (for example, Google and LinkedIn) may store or process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as:
- Transfers to countries with an adequacy decision from the UK Secretary of State.
- Standard Contractual Clauses (SCCs) or equivalent UK transfer mechanisms.
10. Do We Share Your Personal Data
We do not sell your personal data. We may share it with:
- Analytics and marketing platforms (Google, LinkedIn, Meta) — only where you have provided consent via our cookie consent tool.
- Our hosting and infrastructure providers — under data processing agreements.
- Legal and regulatory authorities — where required by law.
In the event of a business sale or merger, your data may be transferred to the new owner subject to the same protections as described in this Policy.
11. How You Can Control Your Personal Data
You can:
- Withdraw cookie consent at any time via the 🍪 button on every page.
- Opt out of marketing emails using the unsubscribe link in any email.
- Contact us to request access, rectification, or erasure of your personal data.
- Raise a complaint with the ICO at ico.org.uk.
12. Can I Withhold Information
You may browse much of our Site without providing personal data. However, some features (such as the contact form or app access) require data submission. You may restrict our use of cookies — see our Cookie Policy for details.
13. How Can I Access My Personal Data
Submit a Subject Access Request (SAR) in writing to the email or postal address in Part 15. There is no charge for most SARs. We will respond within one month.
14. Cookies
We use cookies in accordance with UK PECR and UK GDPR. Full details are set out in our Cookie Policy. You can manage your cookie preferences at any time via the 🍪 button at the bottom-left of every page.
15. How to Contact Us
For data protection enquiries, including subject access requests:
- Email: Steph, one of our founders, @ steph@nightingalehq.ai
- Post: Nightingale HQ Ltd, Ty Merlin Caerphilly Business Park, Van Road, Caerphilly, Wales, CF83 3GS
16. Changes to This Policy
We may update this Policy from time to time. Changes will be published on this page with an updated date. We recommend checking this page periodically.
Last updated: February 2026