Privacy & Data Governance Policy

1. Overview

This policy explains how we handle your personal data when you contact us, engage our services, or use our website. We keep things simple: we only collect what we need, we use it responsibly, and we do not share it outside our organisation except with a small number of selected partners who help us deliver our work.

2. What data we collect

We collect:

  • Information you submit through enquiries or contact forms
  • Details provided during engagements (e.g. project information, contact details)
  • Basic usage data from our website (via cookies and analytics tools)

We do not collect unnecessary personal information, and we do not buy or sell data.

3. How we use your data

We use your data to:

  • Respond to enquiries
  • Manage and deliver engagements
  • Provide updates or information you have asked for
  • Improve our website and services

We only use your data for legitimate business purposes connected to System Software.

4. AI usage

We use AI tools to support productivity and delivery, including Microsoft Copilot and other Microsoft AI services. All AI usage follows:

  • Microsoft’s Responsible AI principles
  • Microsoft’s security, compliance and data-handling guidelines
  • Our internal rules on how we handle data
  • Strict controls to ensure personal details never leave the organisation

We do not send your personal data to external AI systems outside our governance framework.

5. Sharing your data

We do not share your data outside System Software except:

  • With selected delivery partners working directly with us on your engagement
  • Where required by law

Partners only receive the minimum data required and must follow equivalent privacy and security standards. We never sell, trade or disclose your data for marketing purposes.

6. Cookies & website tracking

Our website uses cookies and analytics tools to:

  • Understand how visitors use the site
  • Improve performance and content
  • Support basic functionality

You can control or disable cookies through your browser settings.

7. Data security

We use modern security practices to protect your data, including:

  • Secure storage and access controls
  • Encryption where appropriate
  • Governance aligned with Microsoft’s security and compliance standards

Only authorised personnel can access your data.

8. Your rights

You can request:

  • Access to the data we hold about you
  • Correction of inaccurate information
  • Removal of your data (where legally permissible)

Contact us at any time to exercise these rights.

9. Contact

If you have questions about this policy or how we handle your data, contact:

System Software
Email: info@systemsoftware.uk
Website: www.systemsoftware.uk

AI Governance Statement

Our approach to AI

System Software uses AI to improve productivity, support delivery and enhance the quality of our work. Our simple principle is: AI should make our work better, not risk your data, your privacy or your operational integrity.

Aligned with Microsoft’s governance and security standards

All AI usage within System Software follows Microsoft’s corporate governance framework, including:

  • Responsible AI principles
  • Security, compliance and data-handling guidelines
  • Enterprise-grade controls for identity, access and data protection
  • Clear boundaries on how data is processed, stored and retained

We only use AI services that meet Microsoft’s enterprise security and compliance requirements.

Where we use AI

We use AI for:

  • Drafting and summarising content
  • Improving productivity and operational workflows
  • Supporting analysis and decision-making
  • Enhancing software delivery and engineering processes

AI is used as a tool, not a decision-maker. Human oversight is always present.

Your data stays inside our organisation

We do not send personal or sensitive client data to external AI systems outside our governance controls.

  • Personal details never leave our organisation
  • Data is not used to train external AI models
  • AI tools only operate within secure Microsoft environments
  • Access is restricted to authorised personnel

We do not use consumer AI tools for client work.

Selected partners

Where AI is used by selected delivery partners, they must follow equivalent governance, security and data-handling standards. No partner is permitted to use your data for model training or external processing.

Transparency and control

We will always be clear about:

  • How AI is used in your engagement
  • What data is processed
  • How it is protected
  • What controls are in place

If you prefer that AI is not used within your engagement, we can accommodate that.

Continuous review

AI governance is not static. We review our policies regularly to ensure alignment with:

  • Microsoft’s evolving AI standards
  • Industry best practice
  • Regulatory requirements
  • Operational risk management