Legal

Privacy Policy

Last updated: 1 May 2026

Short version: we collect the minimum personal data needed to talk to you (name, email, company, what you wrote in the booking form). We don't sell it, we don't share it, and we don't use your industrial data to train public AI models. Ever.

1. Who we are

Rob Reliability ("we", "us", "our") is the data controller for the personal data processed through this website (robreliability.com) and during commercial engagements. Contact details are listed in the Legal Notice.

2. What personal data we collect

We collect personal data that you actively provide:

Booking & contact data: name, professional email, company, role, message — typically via the discovery-call booking link or through email exchanges.
Engagement data: contact details of stakeholders during a paid engagement, signed by NDA.
Technical data: non-identifying analytics (page views, anonymised location, browser type) collected by our hosting provider to keep the site healthy.

We do not use third-party advertising trackers, cross-site cookies, retargeting pixels, or session-recording tools.

3. Industrial & client data

Industrial data shared during an engagement (OEM manuals, asset registries, maintenance history, CMMS extracts, photos, P&IDs, etc.) is not personal data in the strict sense, but we treat it with the same — or stricter — confidentiality:

Stored in a private, isolated knowledge base dedicated to your site.
Never shared with other clients.
Never used to train public or general-purpose AI models.
Optionally deployed on your own cloud (Azure, AWS, on-prem) if your security policy requires it.

4. Why we process your data

We process personal data on the following legal bases:

Performance of a contract: running discovery calls, scoping engagements, delivering the Services.
Legitimate interest: replying to inbound messages, keeping the website running, basic security logging.
Legal obligation: accounting, invoicing, regulatory record-keeping.

5. Sharing your data

We never sell personal data. We share it only with:

Hosting and infrastructure providers we strictly need to operate the site and the Services (e.g. Netlify for hosting, calendaring providers for booking) — under contract and only to the extent required.
Authorities, if and when legally required.

6. AI providers

Where AI processing is involved, we use enterprise-grade providers selected for their data-handling commitments. Where reasonably possible, we use deployment options that ensure your data is not used to train the provider's foundation models. Contractual data-processing terms with each provider can be reviewed on request during scoping.

7. Cookies

This website uses minimal cookies — essentially what's required for the site to function and for basic, non-intrusive analytics. We do not use advertising cookies. Where consent is required by your local law, your continued use of the site, or a "Got it" interaction, constitutes acceptance.

8. Retention

We keep personal data only for as long as needed for the purpose it was collected, plus the legal retention periods applicable to the contracting Rob Reliability entity (typically between 5 and 10 years for commercial and accounting records). Industrial client data is kept for the duration of the engagement plus the retention period defined in the engagement agreement, then securely deleted.

9. Your rights (GDPR, UK GDPR, CCPA, Australian Privacy Act & equivalent)

Depending on your jurisdiction (EU/EEA, United Kingdom, United States, Australia, or other), you may have the right to:

Access the personal data we hold about you.
Have inaccurate data corrected.
Request deletion ("right to be forgotten") where applicable.
Restrict or object to processing.
Receive your data in a portable format.
Withdraw consent where consent is the legal basis.
Lodge a complaint with your local supervisory authority (e.g. the ICO in the UK, the OAIC in Australia, your State Attorney General in the US, or your national data-protection authority in the EU/EEA).

To exercise any of these rights, write to us using the contact details in the Legal Notice. We respond within 30 days.

10. International transfers

Because we operate from the United Kingdom, the United States and Australia, and use international cloud and AI providers, your personal data may be transferred and processed across these jurisdictions. Where data is transferred outside the EEA / UK, we rely on Standard Contractual Clauses, the UK International Data Transfer Agreement, or equivalent safeguards.

11. Security

We apply reasonable technical and organisational measures (access control, encryption in transit, isolated client environments, NDAs) to protect personal and industrial data. No system is 100% secure; you remain responsible for the security of credentials and devices on your side.

12. Updates to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be communicated to active engagement clients directly.

13. Contact

For any privacy question, contact us via the details in the Legal Notice.

See also: Terms of Service · AI Disclaimer · Legal Notice