Privacy Policy

Effective date: 26 August 2025
Last updated: 26 August 2025

This Privacy Policy explains how Escribe ("Escribe", "we", "us", "our") collects, uses, discloses, and protects personal information when you use our websites, apps, and services (together, the "Services").

Plain English first: we don’t sell personal data. We run a software business. We only collect what we need to deliver the Services, support you, and comply with the law.

1. Who we are & scope

  • Controller: Escribe (legal entity: Inspiredsoft LTD), established in the United Kingdom.
  • Registered address: 18 Harkers House, Knottingley, West Yorskhire WF11 8DN.
  • Contact (privacy): inspiredsoft@icloud.com (Data Protection Officer: Hollie Fairbairn).
  • Websites covered: escribeai.com and any sub‑domains or pages linking to this policy.
  • We operate in the UK/EEA and sell internationally, including to the United States. This policy includes notices for UK/EU residents (UK GDPR/EU GDPR) and California residents (CCPA/CPRA).

This policy doesn’t cover third‑party websites you may visit from our pages. Check their privacy notices.

2. The information we collect

We collect information in three ways: (A) you give it to us; (B) we collect it automatically; (C) we receive it from third parties (e.g., payment processors).

A. Information you provide

  • Account details (name, email, password).
  • Billing and contact details (address, company, VAT/tax info, phone).
  • Content you create or upload in the Services (project names, prompts, generated content, files).
  • Support messages and form submissions.

B. Information collected automatically

  • Usage data and logs (app events, feature interactions, crash reports).
  • Device and network data (IP address, browser/OS type and version, time zone, language, referral URL).
  • Cookies and similar technologies (see Cookies & analytics below).

C. Information from third parties

  • Payments: limited billing details and transaction metadata from our payment providers. We do not store full card numbers.
  • Email & CRM: subscription status and engagement metrics from our email service provider.
  • Single sign‑on/OAuth (if used): account identifiers and tokens.

Sensitive information: we do not seek to collect special category/sensitive personal information (e.g., health, biometrics, precise geolocation, government IDs). Please don’t upload it. If you do, we’ll process it only to provide the Service and will not use or disclose it for additional purposes.

3. Why we use your information

A. Purposes (what we do)

  • Provide, maintain and secure the Services (account creation, authentication, service delivery).
  • Process transactions and detect/prevent fraud.
  • Customer support and service communications.
  • Improve the Services (analytics, debugging, product research).
  • Marketing communications only with your permission (you can unsubscribe any time).
  • Legal compliance (tax records, regulatory obligations), and to protect our rights.

B. UK/EU legal bases (why it’s lawful)

For UK/EU users we rely on one or more of these bases:

  • Contract – to provide the Services you requested or to take steps at your request before entering a contract.
  • Consent – for non‑essential cookies/analytics and email marketing. You can withdraw consent at any time.
  • Legitimate interests – to secure our Services, prevent abuse, measure basic service performance, and improve features (we balance these interests against your rights).
  • Legal obligation – to keep records required by law, respond to lawful requests, and meet regulatory requirements.

4. Cookies & analytics

  • We use cookies and similar technologies for essential operations (e.g., login, session management) and, with your permission, for analytics/measurement.
  • Non‑essential cookies (e.g., analytics) are not set unless you opt‑in through our banner or settings. You can change your preferences at any time .
  • We currently use Google Analytics to understand how our websites are used. We do not allow Google to identify individual visitors. Where available, we enable privacy‑protective controls (e.g., IP masking) and honor your consent choices.

5. Sharing your information

We share personal information with:

  • Service providers/Processors who help us run the Services (e.g., hosting, analytics, email delivery, payments, customer support). They act under contract, must keep data confidential, and may not use it for their own purposes.
  • Professional advisors (accountants, auditors, lawyers) where necessary.
  • Authorities if required by law or to protect our rights, users, or others.
  • Business transfers: if we reorganise, merge, or sell assets, information may transfer as part of the transaction (your rights continue).

We do not sell personal information. We do not share personal information for cross‑context behavioural advertising.

6. International transfers

We are UK‑based. Some providers are outside the UK/EEA (including the United States). When we transfer personal information internationally, we use one of these safeguards:

  • Transfers to US organisations certified under the UK Extension to the EU‑US Data Privacy Framework ("UK‑US Data Bridge");
  • The UK International Data Transfer Agreement ("IDTA") or the UK Addendum to the EU Standard Contractual Clauses;
  • Other valid safeguards under UK/EU law.

Where required, we also carry out transfer risk assessments and implement supplementary measures.

7. How long we keep information

We keep personal information only as long as necessary for the purposes set out above:

  • Account data: for the life of your account, then a reasonable period for queries/disputes.
  • Transaction records: typically 6 years for tax/audit.
  • Marketing preferences: until you unsubscribe or we delete inactive lists.
  • Support tickets: generally 24 months after closure unless needed longer.

We’ll delete or anonymise data when we no longer need it.

8. Your rights

A. UK/EU residents (UK GDPR/EU GDPR)

You have the right to be informed, access, rectify, erase, restrict, object, data portability, and to withdraw consent. You also have rights related to automated decisions (we don’t use automated decisions with legal or similar effects).

  • How to exercise: email inspiredsoft@icloud.com with the subject "Privacy Request" and tell us which right you want to exercise. We may ask you to verify your identity.
  • Complaints: you can complain to the UK Information Commissioner’s Office (ICO). See ico.org.uk. If you reside in the EEA, you can contact your local supervisory authority. 

Reference: ZA681648

B. California residents (CCPA/CPRA)

If you’re a California resident, you have the right to know/access, delete, correct, opt‑out of sale/share, limit the use of sensitive PI, and not be discriminated against for exercising your rights.

  • How to exercise: email inspiredsoft@icloud.com with the subject "California Privacy Request". If you use a Global Privacy Control (GPC) or similar opt‑out preference signal in your browser, we will treat it as a valid opt‑out of sale/share for that browser.
  • Authorised agents: you can designate an agent to make a request on your behalf; we may need proof of agency and to verify your identity.
  • Minors: we do not knowingly sell or share the personal information of consumers under 16.

9. California "Notice at collection"

Below are the categories of personal information we collect, the purposes, whether we sell/share, and typical retention.

Category (examples)SourcesPurpose(s)Sold/Shared?Typical retention
Identifiers (name, email, IP address, device IDs)You; automatic; service providersProvide and secure Services; support; account; fraud prevention; legal complianceNoAccount life + up to 6 years for compliance
Customer records & billing infoYou; payment providersBilling, tax and accounting; supportNo6 years
Commercial info (purchases, subscription history)You; payment providersProvide Services; support; improve featuresNoAccount life + 6 years
Internet/network activity (logs, pages viewed)Automatic; analyticsSecurity; performance; analytics (with consent)No12–24 months
Geolocation (approximate from IP)AutomaticContent localisation, fraud detectionNo12–24 months
Inferences (basic preferences from interactions)Analytics (with consent)Improve Services, relevanceNo12–24 months
Sensitive PI (e.g., precise geo, gov IDs)Not soughtN/A (if incidentally processed, only to provide the Service)NoMinimal; deleted as soon as practicable

We do not sell personal information and we do not share it for cross‑context behavioural advertising. If that changes, we will update this notice and provide a conspicuous “Do Not Sell or Share My Personal Information” mechanism.

10. Marketing choices

  • Email: you can unsubscribe any time using the link in our emails or by contacting us.
  • Cookies/analytics: manage your preferences.

11. Security

We use administrative, technical, and physical safeguards appropriate to the nature of the data and the risks involved. No system is perfectly secure; if we detect a breach that impacts you, we will notify you as required by law.

12. Children

Our Services are intended for users 13+. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we’ll delete it.

13. Changes to this policy

When we update this policy, we’ll change the “Last updated” date and post the new version here. If changes are material, we’ll take additional steps to notify you.

14. Contact us

Questions or requests?
Email: inspiredsoft@icloud.com
Postal: 18 Harkers House, Knottingley, West Yorkshire, wf11 8DN

Short version (summary)

  • We collect only what we need to run Escribe.
  • We don’t sell personal data or share it for cross‑context behavioural ads.
  • Cookies for analytics are opt‑in.
  • UK/EU users: full GDPR rights.
  • California users: CCPA/CPRA rights, including opt‑out via GPC.
  • International transfers follow approved safeguards (e.g., UK‑US Data Bridge/IDTA).
>