Home/Privacy Policy

Privacy Policy

How Level 1 Virtual Solutions Ltd (trading as Batra.ai) collects, uses, stores and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Last updated: 9 May 2026

1. Who we are

The data controller responsible for your personal data is:

Level 1 Virtual Solutions Ltd (trading as Batra.ai)
Registered in England & Wales
ICO Registration: ZC136917
Email: [email protected]
Website: batra.ai

Batra.ai provides professional networking, Wi-Fi, CCTV, smart home installation and AI solutions for homes and businesses.

2. Data we collect

When you visit our website or interact with us, we may collect and process the following categories of personal data:

2.1 Contact information

  • Name
  • Email address
  • Phone number
  • Company name (if applicable)

This information is collected when you submit our contact form, book a free consultation, or otherwise get in touch with us.

2.2 Website browsing data

  • Pages visited and time spent on the site
  • Referring website or search terms
  • Browser type and device information
  • IP address (collected by Cloudflare for security purposes)

2.3 Blog and content interaction

  • Blog posts viewed
  • Search queries within the site

2.4 AI Receptionist (voice calls)

When you call our business telephone number, your call is answered by Alice, our AI-powered voice receptionist. During this interaction, we process and store:

  • Call transcript — a text transcript of the conversation between you and Alice, generated automatically from your speech using Deepgram’s speech-to-text service
  • Call metadata — the date and time of the call, and call duration
  • Callback details (if you request a callback) — your name, phone number, and a brief summary of your query, as you provide them during the call
  • Your phone number — passed to us by our telephone network provider as part of the call connection

We do not retain an audio recording of your call — only the text transcript generated during the conversation. The transcript is processed in real time by OpenAI’s language model to enable Alice to respond naturally, and by ElevenLabs to generate Alice’s voice responses.

The legal basis for this processing is legitimate interests (Article 6(1)(f) UK GDPR) — specifically, our legitimate interest in handling inbound customer enquiries efficiently and maintaining a record of those interactions for quality assurance and dispute resolution purposes. We have carried out a balancing test and determined that this processing does not override your fundamental rights, given that: (a) callers are interacting with a business in a commercial context; (b) only text transcripts (not audio recordings) are retained; and (c) transcripts are deleted automatically after 12 months.

3. How we use your data

We use your personal data for the following purposes:

  • Responding to enquiries — replying to contact form submissions, consultation requests, and general questions about our services
  • Communication — sending you information about our services, appointment confirmations, and service updates by email
  • Marketing — sending newsletters or promotional content (only with your explicit consent, and you can unsubscribe at any time)
  • Website improvement — understanding how visitors use our website so we can improve the content and user experience
  • Security — protecting the website from malicious activity and ensuring it remains available
  • AI Receptionist — answering inbound telephone calls via Alice, our AI voice receptionist; handling your enquiry; routing callback requests to our team; and maintaining a record of the conversation for quality assurance and dispute resolution purposes
  • Legal compliance — meeting our obligations under applicable laws and regulations

Under Article 6 of the UK GDPR, we process your personal data on the following legal bases:

Legal basisPurpose
Contract performance (Article 6(1)(b))Responding to your enquiries and providing information about our services when you contact us
Legal obligation (Article 6(1)(c))Meeting our obligations under applicable laws and regulations
Legitimate interests (Article 6(1)(f))Website security, improving our website content and user experience, and protecting against malicious activity
Legitimate interests (Article 6(1)(f))AI Receptionist voice call transcription — handling inbound enquiries and maintaining records for quality assurance and dispute resolution
Consent (Article 6(1)(a))Marketing communications and non-essential cookies (where applicable)

Where we rely on legitimate interests, we have carried out a balancing test to ensure our interests do not override your fundamental rights and freedoms.

5. Data retention

We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law:

Data typeRetention periodReason
Contact form submissions2 yearsResponding to enquiries and providing services
Email marketing preferencesUntil you unsubscribeSending marketing communications with your consent
Website browsing data90 daysWebsite security and performance monitoring
Consultation booking data2 yearsService delivery and follow-up
AI Receptionist call transcripts12 monthsQuality assurance, dispute resolution, and handling of follow-up enquiries. Automatically deleted after 12 months.
Callback requests (name, phone, query)12 months, then anonymisedFacilitating the requested callback. After 12 months, identifying details are replaced with “[anonymised]” and the anonymised record is retained for statistical purposes only.

6. Your rights

Under the UK GDPR (Articles 15–22), you have the following rights regarding your personal data:

  • Right of access (Article 15) — you can request a copy of all personal data we hold about you (a Subject Access Request). We will respond within one calendar month.
  • Right to rectification (Article 16) — you can ask us to correct any inaccurate or incomplete personal data.
  • Right to erasure (Article 17) — you can ask us to delete your personal data. Please note that we cannot erase data that we are legally required to retain (such as financial records for HMRC compliance). In these cases, we will anonymise the data instead.
  • Right to restrict processing (Article 18) — you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability (Article 20) — you can request your data in a structured, commonly used, machine-readable format.
  • Right to object (Article 21) — you can object to our processing of your data where we rely on legitimate interests as the legal basis.
  • Rights related to automated decision-making (Article 22) — we do not currently make any decisions based solely on automated processing that produce legal effects concerning you.

To exercise any of these rights, use our self-service Data Rights Portal at batra.ai/my-data/ โ€” no account needed. Alternatively, contact us at [email protected]. We will respond to all legitimate requests within one month. In complex cases, we may extend this by up to two further months, and we will inform you if this is necessary.

7. Data security

We take the security of your personal data seriously and implement appropriate technical and organisational measures, including:

  • Encryption in transit — all data transmitted between your browser and our servers is encrypted using TLS (HTTPS)
  • DDoS protection — Cloudflare provides network-level protection against distributed denial-of-service attacks
  • Secure hosting — our website is hosted on infrastructure with appropriate security controls
  • Input sanitisation — all form submissions are sanitised to prevent malicious input
  • Email security — transactional and marketing emails are sent via Brevo, a trusted email service provider with appropriate security certifications

8. Third-party processors

We share your personal data with the following third-party service providers (data processors) who process data on our behalf:

ProviderPurposeData sharedLocation
HostingerWebsite hostingWebsite content and form submissions (stored on servers)EU
CloudflareCDN, DDoS protection, DNSIP addresses, request metadataGlobal (edge nodes)
Brevo (formerly Sendinblue)Email marketing and transactional emailsEmail addresses, names, email contentEU
LiveKitReal-time voice call routing for AI ReceptionistAudio streams (not stored), call metadataUS (Standard Contractual Clauses)
DeepgramSpeech-to-text transcription of AI Receptionist callsAudio stream of your voice during the callUS (Standard Contractual Clauses)
OpenAILanguage model powering Alice’s responses during AI Receptionist callsCall transcript text in real timeUS (Standard Contractual Clauses)
ElevenLabsText-to-speech voice synthesis for Alice’s responsesAlice’s response text (not your personal data)US (Standard Contractual Clauses)

Each of these providers is bound by a Data Processing Agreement (DPA) and processes data only on our documented instructions.

9. International transfers

Your personal data is primarily processed within the United Kingdom and the European Economic Area (EEA). Where data is transferred outside the UK/EEA, we ensure adequate safeguards are in place. Such transfers occur in the following circumstances:

  • Cloudflare — IP addresses and request metadata may be processed on edge servers globally
  • AI Receptionist processing — when you call our business number, your voice audio and call transcript are processed in real time by LiveKit, Deepgram, and OpenAI, all of which operate infrastructure in the United States. These transfers are necessary to provide the AI Receptionist service and are protected by Standard Contractual Clauses (SCCs) approved by the Information Commissioner’s Office.

In all cases, we ensure adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the Information Commissioner’s Office
  • The provider’s compliance with applicable data protection frameworks
  • Our own assessment that the transfer does not undermine the level of protection afforded by UK GDPR

10. Cookies

Our website uses a minimal number of cookies. We do not use tracking, advertising, or analytics cookies. For full details, please see our Cookie Policy.

The main cookie-related items on this website are:

  • Cloudflare __cf_bm — a bot management cookie set by Cloudflare to distinguish between humans and automated traffic (expires after 30 minutes of inactivity)
  • Theme preference — a local storage item that remembers your light/dark mode preference for this website

11. Children’s data

Our services are designed for business and residential customers. We do not knowingly collect personal data from children under the age of 16. If you believe we have inadvertently collected data from a child, please contact us at [email protected] and we will promptly delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically.

13. Contact and complaints

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a concern about how we handle your data, please contact us:

Self-service Data Rights Portal
batra.ai/my-data/ — request a copy of your data or erasure without creating an account

Data Protection Contact
Level 1 Virtual Solutions Ltd
Email: [email protected]

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

  • Website: ico.org.uk
  • Our ICO registration: ZC136917
  • Helpline: 0303 123 1113
  • Live chat: available on the ICO website
Cookie Policy → Terms of Service →
๐Ÿ‘‹ Hi, I'm Alice Ask about our services, coverage, or book a free consultation. Same knowledge as our phone receptionist.