Pre-publication notice. This document is a draft prepared for review by a UK data-protection solicitor before Jottle opens signup to non-friends. It has not yet been reviewed by a solicitor. Placeholders in square brackets must be filled in before publication. See legal/SOLICITOR-BRIEFING.md for the open questions and the proposed decisions on each.
Jottle is a voice-first quote-generation web app for UK tradespeople. It is operated by Braden Lee trading as Jottle ("we", "us", "our"), of [Operator postal address — virtual office to be confirmed], United Kingdom. You can reach us about anything in this policy at privacy@jottle.co.uk.
For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are the data controller for information we collect about you — the tradesperson using Jottle. For information you put into Jottle about your own customers and crew, you are the data controller and we are your data processor, acting on your instructions. The terms governing that processor relationship are set out in our Data Processing Agreement.
We are registered with the UK Information Commissioner's Office (ICO) as a data controller. Our ICO registration number is [ICO registration number — to be added once the data-protection fee is paid, before non-friend launch].
If you only read this section, here's the headline:
The rest of this document is the detail.
We collect five categories of personal data. For each, the table below sets out the purpose and the lawful basis we rely on under Article 6 of the UK GDPR.
| Category | What this includes | Why we process it | Lawful basis |
|---|---|---|---|
| Account data | Email address, encrypted password, the business details you enter during onboarding (business name, contact name, phone, public business email, business address, website, trade type, logo, pricing guide, preference flags) | To create and run your Jottle account, deliver the features you signed up for, and let you sign in | Article 6(1)(b) — Contract performance |
| Quote and job content (about your customers) | The customer details you enter or dictate (name, address, phone, email), quote scope-of-works text, prices, intro text, payment terms, photos, AI dictation transcripts, invoice details, job notes, propose-availability slots | To deliver the Jottle service to you, with us acting as your processor and you as the controller | Article 6(1)(b) — Contract performance (between you and us). The lawful basis under which you process your customers' data is your responsibility — see Section 4 of the DPA |
| Crew data (about your team members) | Crew name, optional phone, email, role, day rate, colour preference, notes, vCard imports, active flag | Same as above — held by us as your processor | Same as above |
| Customer signature and view evidence | When a customer opens a quote we log the view timestamp, IP address and user-agent. When they sign we additionally store their typed name, drawn signature image, IP, user-agent at signing, and a SHA-256 hash of the quote content at the moment of signing | To create a defensible, auditable record that a specific quote was accepted by an identified individual at a specific moment | Article 6(1)(f) — Legitimate interests: establishing, defending and pursuing legal claims arising from accepted quotes, in particular under the Limitation Act 1980 |
| Usage logs | A row for every AI feature call: timestamp, action type, your user id, AI provider's reported cost in pence, token / audio-second counts | Cost tracking, fraud prevention, enforcing the monthly fair-use cap, and basic operational security | Article 6(1)(f) — Legitimate interests: keeping Jottle running and safe at a sustainable cost |
Source of personal data we hold about people other than you (Article 14 UK GDPR). Where the table above describes personal data about your customers, crew, employees, contractors or quote viewers, we obtain that data from you — the tradesperson — through your direct entry, voice dictation, photo upload or vCard import into Jottle. We are not the controller for that data (you are), and we hold it as your processor in line with the Data Processing Agreement. You, the tradesperson, are responsible for giving your customers and crew the privacy information that Article 14 requires of you. We will help where we reasonably can — see DPA Section 7.4.
Whether you have to provide your information. Your account data (Section 3, row 1) is required by contract — without it we cannot create or run your Jottle account. You can decline to provide optional account fields (such as website URL or logo) but the service will be less complete. The other categories in Section 3 are populated by you as you use the features; you choose which features to use.
We do not collect device identifiers, location data, browsing history, or any data beyond what is described above.
We do not use third-party advertising trackers, behavioural-targeting cookies, or third-party analytics. We do not profile you and we do not engage in any automated decision-making that produces legal or similarly significant effects on you (Article 22 UK GDPR). We are not currently required to appoint a Data Protection Officer under Article 37 UK GDPR; if that changes we will name our DPO here.
We do not knowingly collect special category data (Article 9 UK GDPR — health, biometric, racial origin, political beliefs, etc.). You should not enter special category data about your customers or crew into Jottle. If you need to do so for a specific job, please email us first at privacy@jottle.co.uk so we can agree the appropriate safeguards in writing.
We rely on a small number of carefully chosen sub-processors to deliver the service. Each is bound by its own written data-processing terms with us, and we have considered each before adopting it.
The current sub-processor list, with role, location and the international-transfer safeguard relied on for each, is maintained as Annex A to our Data Processing Agreement.
A summary as of the "Last updated" date at the top of this document:
| Sub-processor | Role | Location |
|---|---|---|
| Supabase Inc. | Database, authentication, file storage | EU/UK region (eu-west-2 London) |
| Anthropic PBC | AI quote generation, customer-message drafting, voice-booking parsing, photo analysis | United States |
| OpenAI, L.L.C. | Voice transcription (Whisper) | United States |
| Netlify, Inc. | Frontend hosting and CDN | United States |
| Ideal Postcodes Ltd (postcodes.io) | UK postcode-to-area lookup (no personal data; only the postcode is sent) | United Kingdom |
| GoDaddy / domain DNS provider | DNS for jottle.co.uk | United States |
Both Anthropic and OpenAI operate with Zero Data Retention (ZDR) enabled on our API tier wherever the provider supports it. This means your prompts, transcripts and generated content are not retained for training or any other purpose by the AI providers beyond the time required to process the request.
We will update the list and the "Last updated" date before adding any new sub-processor and will notify you at sign-in of any material change in time for you to object before the change takes effect, in accordance with Section 9 of the DPA.
Some sub-processors are based outside the United Kingdom. Where we transfer your personal data outside the UK we rely on one of the safeguards permitted under UK GDPR, picked per-recipient:
You can request a copy of the specific transfer mechanism relied on for any sub-processor by emailing privacy@jottle.co.uk. The current per-sub-processor safeguards are listed in Annex A of the DPA.
We keep your data for as long as is necessary for the purpose we collected it.
| Data category | Retention period |
|---|---|
| Account data, quote content, crew data, usage logs | While your account is active. On account deletion, all of this is marked for deletion and permanently erased 30 days later (see Section 8). |
| Customer signature and view evidence | While your account is active plus six (6) years after the quote was signed, in line with the Limitation Act 1980 contract-claim period. Held to allow you to defend or pursue a claim under an accepted quote. |
| Database backups | Up to 90 days after the live data has been deleted, after which backups are overwritten in the normal course of backup rotation. Used solely for disaster recovery. |
| Pseudonymous service-performance metrics | Indefinitely, but stripped of any link to you or your customers (aggregate counts only). |
If we change a retention period materially, we will tell you at sign-in.
You can delete your account at any time from Settings → Danger zone → Delete account. When you do:
Signature evidence (Section 7 above) is retained for the six-year contractual-claim period even after the rest of your data is deleted, in the form of a minimum-necessary record (signature image, IP, user-agent, content hash, quote number, signer-typed name, signing timestamp). This is necessary to defend any later legal claim. After six years it is also deleted.
Under UK GDPR you have the right to:
We will respond to any rights request within one month of receipt. We may extend this by up to two further months for complex requests, in which case we will tell you within the first month. There is no charge unless the request is manifestly unfounded or excessive.
To exercise any right, email us at privacy@jottle.co.uk.
If you are unhappy with how we have handled your data, you have the right to complain to the Information Commissioner's Office at ico.org.uk, by phone on 0303 123 1113, or by post to Wycliffe House, Water Lane, Wilmslow SK9 5AF. We would, however, appreciate the chance to address your concerns before you approach the ICO — please email privacy@jottle.co.uk first.
We do not use tracking cookies, advertising cookies, or third-party analytics.
The app stores a small amount of information in your browser's localStorage to remember your preferences — for example, which email provider you last used to send a quote, whether you've previously signed in (so we default the auth screen sensibly), and what features you've enabled. This information stays on your device, is not transmitted to us, and is deleted when you clear your browser data or sign out.
Supabase uses a strictly necessary first-party authentication cookie to keep you signed in. This is set only after you sign in and is used for no other purpose.
We will publish a separate Cookie Policy if and when we add any non-essential cookie or third-party analytics. None are in use at the time of this version.
When you send a quote to your customer, Jottle generates a unique public URL containing a random token. Anyone with the URL can view the quote — by design, so that you can text or email it to a customer who isn't a Jottle user.
When a quote is opened, Jottle records the view timestamp, IP address and user-agent of the viewer. When a quote is signed, we additionally record the typed name, drawn signature image, signing timestamp, and a SHA-256 content hash of the quote at signing time. This data is held under legitimate interests, for the purpose of letting you defend or pursue the resulting contract — see Sections 3 and 7.
A short customer-facing privacy notice is linked from the footer of every public quote page so that the viewer is informed in line with Article 13 UK GDPR. You, the tradesperson, are the controller of the viewer's data; we are your processor. If the viewer asks you to exercise a data right, you must handle the request — we will assist you in line with the DPA.
The same applies to the public proposals page (where a customer picks a time slot) and to the public .ics calendar feed (if you have enabled one for your crew).
Our security measures, expressed in the language UK GDPR Article 32 requires, include:
No system is perfectly secure. If you think you've found a security issue, please email security@jottle.co.uk rather than disclosing it publicly, so that we can address it before it can be exploited. We aim to acknowledge security reports within two working days.
When you use Jottle's voice and AI features, the following happens:
AI outputs are drafts for your review. We say more about that in Section 9 of the Terms of Service.
We will only send you product update or marketing emails if you have actively opted in at signup or in Settings. You can opt out at any time using the unsubscribe link in any such email or by changing your preference in Settings. Transactional emails about your account (such as a password reset, a billing notification when paid plans launch, or an important service announcement) are not marketing and are sent regardless of your marketing preference, but only where strictly necessary.
We do not share your email address with any third party for their own marketing.
Jottle is intended for use by tradespeople running their business and is not aimed at children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child has signed up, please email us and we will delete the account.
We may update this policy from time to time. The "Document version" and "Last updated" fields at the top will always reflect the current version. If we make a material change — anything that alters what data we collect, why, who we share it with, your rights, or how long we keep your data — we will notify you at least 14 days in advance by email and re-prompt you to acknowledge the new policy at next sign-in. Minor clarifications and typographical corrections will be made without notice but reflected in the version history.
A change log of previous versions, with effective dates, is maintained at jottle.co.uk/legal/privacy/history — to be created when v1.0 is published.
For any privacy question, request or complaint:
Braden Lee trading as Jottle, [Operator postal address], privacy@jottle.co.uk
This policy is published under our Terms of Service. The processor relationship for the data you upload about your customers and crew is governed by the Data Processing Agreement, which forms Schedule 1 to those Terms.