Data Protection Policy

Last updated: June 2026

Telali Limited (\"we\", \"us\", or \"our\") is committed to protecting personal data in compliance with the Data Protection Act 2018 and the UK GDPR.

1. Data Protection Principles

We process personal data according to the core principles of GDPR:

• Lawfulness, fairness, and transparency: Data is processed lawfully and transparently.
• Purpose limitation: Data is only collected for specified, explicit, and legitimate purposes.
• Data minimization: We only collect data that is strictly necessary for our projects.
• Accuracy: Personal data is kept accurate and up to date.
• Storage limitation: Data is retained only as long as necessary.
• Integrity and confidentiality: Data is secured using appropriate technical and organizational measures.

2. Data Processing Boundaries

All database instances, backups, and staging environments are hosted exclusively within UK or European Union boundaries by default.

3. Automated PII Masking

When engineering RAG or AI extraction pipelines, we implement automated pre-processing steps to mask personally identifiable information (PII) before sending payloads to LLM APIs.