Last updated: September 7, 2025

We respect your privacy and want to be clear about how we handle your information. This policy explains what data we collect, why we collect it, how we use it, and your rights under the UK GDPR and the Data Protection Act 2018.

Who we are

Sales Rocket Ltd
2-4 Primitive Street
Huddersfield, United Kingdom, HD1 1QZ

If you have questions about this policy or how we use your data, contact us at [email protected].

What this policy covers

This policy applies to:

Website visitors – people who browse salesrocket.uk or speed2lead.co.uk.

Clients – businesses we work with directly.

Client leads – individuals whose data is uploaded to our systems for AI-driven calls, SMS, or other automation.

When we work with client-provided lead data, we act as a data processor. When we collect data directly (e.g. through our websites), we act as a data controller.

The data we collect

Website visitors

- Contact details you provide (name, email, phone, company details)

- Usage data (IP address, device, browser, pages visited, time on site)

- Cookies and analytics (Google Analytics, Meta Pixel, PostHog)

Clients

- Business contact details (name, email, phone, company address)

- Payment details (if applicable)

Client leads

- Names, phone numbers, email addresses

- Responses during calls or messages

- Call recordings and conversation summaries

How we use the data

We use your data to:

- Provide our services (AI calling, SMS/WhatsApp outreach, database reactivation, out-of-hours support)

- Deliver demos, respond to enquiries, and support clients

- Improve our services (through analytics and testing)

- Meet legal obligations (e.g. records for accounting, compliance)

We do not sell personal data.

Legal basis for processing

We process personal data under:

- Contract – to deliver services you’ve asked for.

- Legitimate interests – to help our clients contact their leads, improve services, or run analytics.

- Consent – for cookies, email marketing, and optional communications.

Third-party providers

We use trusted providers to deliver our services. This may involve transferring data to them:

- Vapi – voice AI infrastructure

- Twilio – telephony services

- Make.com – automation platform

- GoHighLevel (GHL) – CRM

- Google Analytics – website analytics

- Meta (Facebook/Instagram) – advertising

- PostHog – product analytics

Some of these providers are based outside the UK/EU. Where that’s the case, we use Standard Contractual Clauses (SCCs) or other safeguards required by UK GDPR.

Data retention

- Call recordings – kept for 12 months, then deleted.

- Client lead data – kept for 12 months, unless clients request earlier deletion.

- Website analytics (cookies) – retained according to provider defaults (Google Analytics typically 14 months).

Your rights

You have the right to:

- Access the personal data we hold about you

- Correct inaccurate data

- Request deletion of your data

- Restrict or object to how we process your data

- Request data portability

- Complain to the ICO (UK regulator) if you believe we’re mishandling your data

To exercise any of these rights, email [email protected].

Security

We take appropriate security measures to protect personal data, including encryption, access controls, and secure hosting. However, no system is 100% secure.

Children’s data

Our services are aimed at businesses. We do not knowingly collect data from anyone under 18.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we’ll post the new version here and update the “Last updated” date at the top.

Contact us

If you have any questions about this Privacy Policy, email [email protected].