JAMDIT Limited (trading as Harborne AI) is a UK-based provider of an AI communications assistant, registered in England and Wales (company number 11738618). This page summarises the regulatory frameworks we work within and our position on industry-specific regimes. It is provided for transparency and does not constitute legal advice.
Data protection (UK GDPR & DPA 2018)
We comply with the UK GDPR and the Data Protection Act 2018 and are registered with the ICO under reference ZC182609. Our practices are described in our Privacy Policy, and where we process data on your behalf, our Data Processing Agreement applies.
Electronic marketing (PECR)
Outbound calls, texts and emails sent through the Service are subject to the Privacy and Electronic Communications Regulations (PECR). You are responsible for having a lawful basis and any required consent before contacting your customers, honouring opt-outs, and respecting the Telephone Preference Service where it applies. Our tools support suppression and opt-out handling to help you meet these duties.
AI transparency
We believe people should know when they are interacting with AI, so disclosure is built into the Service rather than left to chance. Voice agents are instructed to introduce themselves as an AI assistant and never to imply they are human, and the default call greeting states that callers are speaking with an AI assistant and that the call may be recorded. The website chat widget shows a visible “You’re chatting with an AI assistant” notice. Customers can tailor the wording, but the AI-identity behaviour remains in place. See the dedicated section on our AI limitations in the Terms of Service.
Who is responsible for the AI
Customers set up and operate their own AI agents through their account - the voices, prompts, knowledge base, scripts, routing and channels. As the operator, the customer is responsible and liable for how their AI behaves and for everything it says or does to their own customers under that configuration. We provide the platform; the customer decides how the AI runs. Full details are in section 6 of our Terms of Service.
To help operators keep their AI within safe bounds, each Voice AI, SMS AI and chat widget offers optional guardrails. When enabled, the AI declines to give financial or medical advice, avoids promising or ruling out refunds, and won’t name or compare against competitors - staying neutral and offering to pass the person to a member of the team instead. These guardrails are off by default and configured per agent by the customer.
Industry-specific frameworks
| Framework | Applies? | Our position |
|---|---|---|
| FCA (Financial Conduct Authority) | Not applicable to us | We are a software provider and do not carry out regulated financial activities, so we are not authorised or regulated by the FCA. If you are an FCA-regulated firm, you remain responsible for your own regulatory obligations (including financial promotions and consumer duty) when using the Service. |
| HIPAA (US health data) | Not applicable by default | The Service is not intended for US Protected Health Information and we do not sign Business Associate Agreements by default. Do not use the Service to process PHI unless separately agreed in writing. |
| SOC 2 | In progress / roadmap | We follow SOC 2-aligned security practices (access control, encryption, logging and vendor management). A formal SOC 2 attestation is on our roadmap; contact us for the current status and any available reports. |
| PCI DSS (card payments) | Handled by our processor | Card payments are processed by a PCI DSS-compliant payment provider. We do not store full card numbers. |
Accessibility
We aim to follow recognised accessibility guidelines (WCAG 2.1 AA) across the dashboard and public pages and continue to improve. If you encounter a barrier, please tell us.
Reporting a concern
To report a security or compliance concern, email privacy@harborne.ai. For data protection matters you also have the right to complain to the ICO at ico.org.uk.