Privacy Policy (Volume 11)

Effective date: 19 January 2026

Last updated: 19 January 2026

This Privacy Policy explains how Volume 11 Limited (“Volume 11”, “we”, “us”, “our”) collects, uses, shares and protects personal data when you visit our websites or use our products and services, including Convo11 andContent11 (together the “Services”).

We are committed to protecting privacy and handling personal data responsibly. We are registered with the Isle of Man Information Commissioner.

1) Who We Are (Data Controller Details)

Controller: Volume 11 Limited

Company number: 135210C

Registered address: 9 River Walk, Braddan, Isle of Man, IM4 4TJ

Email: info@volume11.ai

For privacy queries, contact: info@volume11.ai

2) Who This Policy Applies To

This Policy applies to:

  1. Visitors to volume11.ai and related sites
  2. People who create accounts or subscribe to our Services
  3. End users authorised under a customer account
  4. Contacts / recipients who may receive messages sent through Convo11 (e.g. leads, customers, prospects)

3) The Personal Data We Collect

We collect personal data in the following categories:

A) Data you provide to us

  • Name, email address, phone number
  • Company name, job title
  • Login credentials (encrypted / hashed where applicable)
  • Support requests (messages, attachments, tickets)
  • Payment/billing contact details (limited; payment processing is handled by our payment processors)

B) Data collected automatically (website/app usage)

  • IP address, device ID, browser type
  • Pages viewed, clicks, referral URLs
  • Log data (timestamps, error logs)
  • Cookie identifiers and analytics information

C) Data processed within the Services (Customer Data)

Depending on product usage, this may include:

  • Contact lists (names, phone numbers, emails)
  • Conversation content (SMS/WhatsApp style messages, transcripts)
  • Message metadata (delivery status, timestamps, sender/recipient identifiers)
  • Campaign details (templates, segmentation labels)
  • Notes or CRM-like fields uploaded by customers
  • Content inputs and outputs (for Content11)

D) Special category data

We do not intentionally collect special category data (e.g. health, religion), but it may sometimes be included in message content if users provide it. We recommend customers avoid including sensitive data unless necessary.

4) How We Use Personal Data

We use personal data to:

  • Provide and operate the Services (including AI processing)
  • Create and manage accounts
  • Deliver messages and communications (Convo11)
  • Generate content and outputs (Content11)
  • Provide customer support and troubleshoot issues
  • Improve product performance, security and user experience
  • Prevent fraud, misuse, and abuse (including AUP enforcement)
  • Bill customers and manage subscriptions
  • Send service notices and administrative emails
  • Comply with legal obligations and respond to lawful requests

5) AI Processing and Automated Decisions

Our Services include AI-powered features. This may mean:

  • Analysing and generating message suggestions (Convo11)
  • Generating written content and recommendations (Content11)
  • Classifying messages or detecting intent
  • Summarising conversation threads

Important: human responsibility

AI outputs can be inaccurate. Customers remain responsible for reviewing content and ensuring compliance before use or sending.

Automated decision-making

We do not use automated decision-making that produces legal or similarly significant effects about individuals (as defined in data protection laws), unless explicitly stated in a product feature description.

6) Legal Bases for Processing (Why We’re Allowed to Use Data)

We process personal data under one or more of these bases:

  • Contract: to provide the Services you subscribed to
  • Legitimate interests: to operate, secure and improve our Services, prevent fraud, and support customers
  • Consent: where required for cookies/marketing
  • Legal obligation: to comply with laws or regulatory requests

If you are a recipient of messages sent via Convo11, the legal basis for contacting you is usually determined by the customer sending the messages (not Volume 11).

7) When We Act as Controller vs Processor

For customers (our users)

Volume 11 is typically the Controller of account and billing data and theProcessor of Customer Data processed in the platform.

For messaging recipients (contacts)

Customers control who they message, what they send, and why. Customers are typically the Controller for that data and Volume 11 is the Processor.

For Customer Data processing, our Data Processing Agreement (DPA) applies:
https://www.volume11.ai/dpa

8) Sharing Personal Data (Who We Share Data With)

We may share personal data with:

A) Subprocessors / service providers

We use vendors to provide infrastructure and functionality, such as:

  • Cloud hosting providers (servers, databases, storage)
  • Email delivery providers
  • Messaging providers / telecoms platforms (e.g. Twilio or equivalent)
  • Analytics providers (for performance measurement)
  • AI model providers (to provide AI Features)
  • Customer support tooling

These providers are authorised and contractually required to protect personal data.

B) Professional advisers

Lawyers, accountants, insurers, auditors

C) Legal / regulatory

If required by law, court order, or valid governmental request

D) Corporate events

If we undergo a merger, acquisition, sale of assets, or restructuring, data may be transferred as part of the transaction.

9) International Data Transfers

Some of our providers may process data outside the Isle of Man, UK, or EEA (for example the United States).

Where this occurs, we use appropriate safeguards such as:

  • contractual protections; and/or
  • recognised transfer mechanisms

10) Data Retention (How Long We Keep Data)

We retain personal data only as long as needed for:

  • providing the Services
  • maintaining records (billing, security, legal)
  • resolving disputes
  • compliance with obligations

Typical retention:

  • Account data: while account is active, plus a reasonable period thereafter
  • Logs/security records: limited periods for security and debugging
  • Customer Data: controlled by the customer account; deleted/returned on termination according to our DPA and internal retention practices

Customers may request deletion where applicable.

11) Security Measures

We use reasonable technical and organisational security measures, including (where appropriate):

  • access controls and authentication
  • encryption in transit and/or at rest
  • secure hosting environments
  • monitoring and logging
  • least-privilege internal access
  • vendor due diligence

No system is 100% secure, and you are responsible for maintaining secure credentials and user permissions.

12) Cookies and Analytics

We use cookies and similar technologies to:

  • operate the website and app
  • remember preferences
  • analyse traffic and performance
  • improve user experience

Where required, we request cookie consent.

You can control cookies through browser settings and any cookie banner preferences.

13) Marketing Communications

We may send marketing emails to business users about Volume 11 products and updates where allowed by law.

You can unsubscribe at any time via the link in emails or by contacting info@volume11.ai.

Service-related emails (billing, security, account notices) may still be sent as necessary.

14) Your Rights

Depending on where you are located, you may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Delete personal data (in certain circumstances)
  • Restrict processing (in certain circumstances)
  • Object to processing (in certain circumstances)
  • Data portability (in certain circumstances)
  • Withdraw consent (where consent is the basis)

To exercise rights, email: info@volume11.ai

Note for Convo11 messaging recipients

If you received a message from a business using Convo11 and want your data removed, you should also contact the sender directly, as they control the contact list and lawful basis.

15) Third-Party Links

Our Services may link to third-party websites or services. We are not responsible for their privacy practices. Please review their privacy policies.

16) Children

The Services are not intended for children under 18. We do not knowingly collect personal data from children.

17) Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice via email or within the Services.

The “Last updated” date shows when it was last changed.

18) Contact and Complaints

Privacy contact: info@volume11.ai

Company address: 9 River Walk, Braddan, Isle of Man, IM4 4TJ

If you have concerns, you may also complain to the Isle of Man Information Commissioner (or your local data protection authority).

Optional Add-On: Subprocessors List (Recommended)

For transparency, Volume 11 may maintain a list of current subprocessors used to provide the Services (for example messaging delivery providers, AI model providers, hosting, analytics, and customer support providers).

Customers may request details of current subprocessors by contacting info@volume11.ai.