FixDesk AI

Privacy Notice

Last updated: June 22, 2026

This Privacy Notice explains how FixDesk AI ("FixDesk AI", "we", "us") collects, uses, shares, and protects personal data when you use our website and the FixDesk AI service (the "Service"). FixDesk AI acts as the data controller for personal data we collect about account holders and end users of the Service.

1. Personal data we collect

  • Account data: name, work email address, hashed password, company name, and role (admin / member).
  • Profile and team data: company name, custom AI instructions you configure, and the list of teammates in your workspace.
  • Service content: the questions you ask the AI, screenshots or images you attach, tickets you create, and knowledge base articles you save.
  • Usage and telemetry: pages visited, features used, request timestamps, AI question counts, and error logs.
  • Device and connection data: IP address, browser and device type, language, and approximate location derived from IP.
  • Support communications: messages you send us and our replies.
  • Billing metadata: subscription plan, status, renewal date, and a reference to your customer record at our payment provider. We do not store full payment card details — these are handled by Paddle.

2. How and why we use personal data

  • Provide the Service — create and manage accounts, run the AI help desk, store tickets and knowledge base entries (legal basis: performance of a contract).
  • Security and fraud prevention — detect abuse, rate-limit requests, investigate incidents (legitimate interests).
  • Service improvement — analyse aggregate usage to improve reliability and quality (legitimate interests).
  • Customer support — respond to your questions (performance of a contract / legitimate interests).
  • Billing and tax — manage your subscription and meet our financial and tax obligations (contract / legal obligation). Payment processing is performed by Paddle as Merchant of Record.
  • Legal compliance — comply with applicable laws and respond to lawful requests (legal obligation).

3. AI processing

Questions you ask, attached images, and your company's custom instructions are sent to the AI model provider used by FixDesk AI to generate a response. We do not use your inputs to train third-party foundation models. We store your questions and the AI's answers in your workspace so your team can search, escalate, or save them as knowledge base articles.

4. Who we share personal data with

  • Service providers (subprocessors) — hosting, database, authentication, file storage, error monitoring, and the AI model provider that powers the troubleshooting responses.
  • Paddle.com Market Ltd. ("Paddle") — our Merchant of Record. Paddle processes payments, manages subscriptions, calculates and remits tax, issues invoices, and handles refund requests on our behalf. See Paddle's privacy notice at paddle.com/legal/privacy.
  • Professional advisers — lawyers, accountants, and auditors under appropriate confidentiality obligations.
  • Authorities — where required by law, court order, or to protect rights, property, or safety.
  • Successors — in connection with a merger, acquisition, or sale of assets, in which case personal data remains subject to this Notice.

We do not sell personal data.

5. International transfers

Personal data may be processed in countries outside your own, including outside the UK and EEA. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms approved by competent authorities.

6. Data retention

We keep personal data only for as long as needed to provide the Service and to meet legal, accounting, and security obligations. When you delete a workspace, we delete or anonymise the associated personal data within a reasonable period, except where we are required to retain it (for example, financial records). Billing records held by Paddle are retained per Paddle's own retention policy.

7. Security

We use appropriate technical and organisational measures designed to protect personal data, including encryption in transit, access controls, audit logging, and least-privilege server access. No system is perfectly secure; you are responsible for safeguarding your account credentials.

8. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict, or object to certain processing of your personal data; to receive a portable copy; and to withdraw consent where processing is based on consent. UK/EEA residents may also lodge a complaint with their local supervisory authority. To exercise these rights, contact us using the details below. We will respond within the period required by applicable law (typically one month under the UK GDPR / GDPR).

9. Cookies

We use cookies and similar technologies that are strictly necessary to operate the Service — for example, to keep you signed in. We do not currently use advertising cookies. If we add analytics or marketing cookies in the future, we will update this Notice and request consent where required.

10. Children

The Service is not directed to children under 16 and we do not knowingly collect their personal data.

11. Changes to this Notice

We may update this Privacy Notice from time to time. We will post the new version here with an updated "Last updated" date and, where the change is material, notify you in-app or by email.

12. Contact us

For privacy questions or to exercise your rights, contact FixDesk AI through your account's support channel, or by emailing the address listed in your account settings. See also our Terms of Service and Refund Policy.