Privacy Notice
Taliara Ltd Last updated: 22 May 2026
1. Who We Are
TALIARA LIMITED (company number 17228820) ("Taliara", "we", "us", or "our") is a company registered in England and Wales. We operate a developer SDK and associated platform for lawyer validation of AI agent outputs (the "Service").
TALIARA LIMITED is the data controller responsible for the personal data collected through the Service. This means we determine the purposes and means of processing your personal data.
If you have any questions about this Privacy Notice or our data practices, please contact us at:
Email: hello@taliara.co.uk Address: 167-169 Great Portland Street, London, England, W1W 5PF (Company number: 17228820)
We do not currently have a designated Data Protection Officer. If you have a concern that cannot be resolved through the above contact, you have the right to complain to the Information Commissioner's Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.
2. Scope of This Notice
This Privacy Notice applies to:
- visitors to our website;
- developers and businesses who register for or use the Taliara SDK and API; and
- any individual whose personal data is processed in connection with their use of the Service.
It does not apply to third-party websites or services that may be linked from our platform — those services have their own privacy policies which you should review separately.
3. What Personal Data We Collect
Depending on how you interact with the Service, we may collect and process the following categories of personal data:
Identity and Contact Data Name, job title, email address, and (where relevant) company name and billing address.
Account Data Username, password (stored in hashed form), account preferences, and usage settings.
Technical and Usage Data IP address, browser type and version, operating system, referring URLs, pages visited, time zone, device identifiers, and information about how you use the Service (e.g. API call logs, SDK version, error logs).
Transaction and Billing Data Records of purchases, subscription tier, billing history, and payment method details. Note: full payment card numbers are processed directly by our payment provider and are not stored by us.
Communications Data Records of correspondence you send us, including support requests, feedback, and enquiries.
Aggregated and Anonymised Data We may generate and use aggregated, anonymised usage statistics (e.g. feature adoption rates). Once anonymised such data is not personal data and falls outside this Notice.
We do not intentionally collect special category data (such as health, racial or ethnic origin, religious beliefs, or biometric data) through the Service. If you believe special category data has been submitted, please contact us immediately so we can address it.
We do not knowingly collect personal data from children under 18. If you become aware that a child has provided us with personal data without parental consent, please contact us.
4. How We Collect Personal Data
We collect personal data through the following means:
- Direct interactions — when you register for an account, install the SDK, make a payment, contact us for support, or otherwise provide information to us directly.
- Automated technologies — when you use the Service, we automatically collect Technical and Usage Data via server logs, cookies, and similar technologies (see Section 9 on Cookies).
- Third-party sources — we may receive data from payment processors, identity verification services, or analytics providers in the ordinary course of providing the Service.
5. How and Why We Use Your Personal Data
We only process personal data where we have a lawful basis to do so under UK GDPR. The table below sets out the main purposes for which we use your data and the legal basis relied upon.
| Purpose | Data used | Lawful basis |
|---|---|---|
| Creating and managing your account | Identity, Contact, Account Data | Performance of a contract |
| Providing and improving the Service | Account, Technical, Usage Data | Performance of a contract; Legitimate interests (improving reliability and features) |
| Processing payments and managing billing | Transaction, Identity, Contact Data | Performance of a contract; Legal obligation |
| Sending service-related communications (e.g. product updates, security alerts) | Identity, Contact Data | Performance of a contract; Legitimate interests |
| Sending marketing communications (where you have opted in) | Identity, Contact, Communications Data | Consent |
| Responding to support requests and enquiries | Identity, Contact, Communications Data | Performance of a contract; Legitimate interests |
| Ensuring security, detecting fraud, and preventing misuse | Technical, Usage Data | Legitimate interests; Legal obligation |
| Complying with legal and regulatory obligations | All relevant categories | Legal obligation |
| Analytics and product development | Aggregated/anonymised usage data | Legitimate interests |
Where we rely on legitimate interests, we have assessed that our interests do not override your rights and freedoms. You may request details of that assessment by contacting us.
6. Marketing
We will only send you marketing communications if you have opted in to receive them. You may withdraw consent or opt out at any time by:
- clicking the unsubscribe link in any marketing email; or
- contacting us at hello@taliara.co.uk.
Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.
7. Sharing Your Personal Data
We do not sell your personal data. We may share it with:
- Service providers — third parties who provide hosting, payment processing, analytics, email delivery, and support tooling on our behalf, under appropriate data processing agreements.
- Legal and regulatory authorities — where required to comply with a legal obligation, court order, or governmental request.
- Business transfers — in connection with any merger, acquisition, or sale of all or substantially all of our business, subject to confidentiality obligations.
- Professional advisers — lawyers, auditors, and insurers who require access in the ordinary course of their professional services.
We require all third parties to handle your data securely and only in accordance with our instructions.
8. International Transfers
We are based in England and Wales and primarily process data within the UK and European Economic Area. Where data is transferred outside the UK, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or equivalent standard contractual clauses approved by the ICO.
If you would like further information about the specific safeguards applied to international transfers, please contact us.
9. Cookies
Our website and Service use cookies and similar tracking technologies to distinguish you from other users, improve your experience, and analyse usage patterns. The types of cookies we use include:
- Strictly necessary cookies — essential for the Service to function.
- Analytics cookies — help us understand how the Service is used (e.g. Google Analytics or equivalent).
- Preference cookies — remember your settings and preferences.
You can manage or disable non-essential cookies through your browser settings. Disabling certain cookies may affect the functionality of the Service.
10. Data Retention
We retain personal data only for as long as necessary for the purposes described in this Notice, or as required by law. In general:
- Account data is retained for the duration of your account and for 12 months after closure.
- Transaction and billing data is retained for 7 years to comply with financial and tax obligations.
- Technical and usage logs are retained for 90 days unless required longer for security or legal purposes.
- Marketing preference records are retained until you withdraw consent and for a reasonable period thereafter.
When we no longer need personal data, we securely delete or anonymise it.
11. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or disclosure. These include encryption in transit and at rest, access controls, and regular security reviews.
No method of transmission over the internet is completely secure. If you have reason to believe your interaction with us is no longer secure, please notify us immediately.
12. Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access — to obtain a copy of the personal data we hold about you.
- Right to rectification — to request correction of inaccurate or incomplete data.
- Right to erasure — to request deletion of your data in certain circumstances ("right to be forgotten").
- Right to restrict processing — to request that we limit how we use your data in certain circumstances.
- Right to data portability — to receive your data in a structured, machine-readable format.
- Right to object — to object to processing based on legitimate interests, including direct marketing.
- Rights related to automated decision-making — to not be subject to a decision made solely by automated means which significantly affects you, without human review.
To exercise any of these rights, please contact us at hello@taliara.co.uk. We will respond within one month of receipt. In complex or high-volume cases we may extend this by a further two months, with notice to you. We may ask you to verify your identity before processing your request.
You also have the right to lodge a complaint with the ICO at any time (see Section 1 for contact details).
13. Changes to This Notice
We may update this Privacy Notice from time to time. When we make material changes, we will notify you by email (where we hold your email address) or by posting a prominent notice on our website. The "last updated" date at the top of this Notice will always reflect the most recent version.
We encourage you to review this Notice periodically.
14. Contact Us
For any questions, concerns, or to exercise your data rights, please contact:
Taliara Limited 167-169 Great Portland Street, London, England, W1W 5PF Company number 17228820 Email: hello@taliara.co.uk