Anthia
← All legal documents

Privacy Policy

Last updated: 19 May 2026

Anthia takes privacy seriously. This policy explains what personal information we collect, why we collect it, who we share it with, and what rights you have.

Who we are

Anthia Operated by Henry Benzikie (sole trader) Oakhurst, Guildford, GU4 7UR United Kingdom

Contact for data matters: contact form

We are the controller of personal data processed through anthia.co.uk and the Anthia app.

What we collect

When you use Anthia we collect:

  • Account details. Your email address, your name (if you give it), the password you set (stored as a hash, not in clear text), and the date you signed up.
  • Business profile. The answers you give during the AI onboarding conversation (business idea, target customer, location, structure preference, timeline, budget) plus any further notes you add to tasks. We store the full conversation history so you can revisit it.
  • Roadmap state. Which tasks you have ticked off and any notes you have written against them.
  • Documents. If you upload files to the document vault (Sprout and Bloom only), we store them on your behalf.
  • Payments. When you pay, Stripe collects your billing details and card data directly. We never see or store your full card number. We do store a payment record (amount, SKU, Stripe identifiers, date) for accounting purposes.
  • Communications. Emails you send us and any support history we hold against your account.
  • Contact form submissions. If you use our contact form, we store the name and email you give us, the category, subject and body of your message, the IP address of the submitting browser (used for spam protection only) and a timestamp. Submissions are saved in our Supabase database and a copy is emailed to our inbox.
  • Technical data. Server logs of requests (IP address, user agent, timestamps, requested URLs), used for security and abuse prevention.

Why we process your data

We process your data to:

  • Provide the Anthia service to you (the contract you have with us).
  • Generate your personalised roadmap, which requires sending your business profile to our AI provider.
  • Send transactional emails (sign-up confirmation, deadline reminders, payment receipts).
  • Detect and prevent abuse, fraud and security incidents.
  • Comply with our legal obligations (for example, keeping financial records for HMRC).
  • Improve the service in aggregate (looking at patterns, never at individuals).

Lawful bases

Under the UK GDPR our lawful bases are:

  • Contract performance for everything required to give you the service you have signed up to.
  • Legitimate interests for security, fraud prevention, abuse handling and aggregate service improvement. We have weighed our interests against your rights and believe these processing activities are reasonable; you can object at any time.
  • Consent for optional marketing emails (you have to opt in).
  • Legal obligation for retention of financial records.

Who we share your data with

We use a small set of third-party processors. Each is bound by a data processing agreement that restricts what they can do with your data.

| Processor | Role | Location | Safeguard for transfers | | --- | --- | --- | --- | | Supabase Inc | Database, authentication, file storage | Ireland (EU) | Within UK/EU adequacy, no transfer concern | | Stripe Payments UK Ltd / Stripe Inc | Payment processing | Ireland (EU) / United States | UK Addendum to EU Standard Contractual Clauses; US transfers covered by the UK-US Data Bridge | | Resend Inc | Transactional email delivery | United States | UK-US Data Bridge; SCCs | | Anthropic PBC | AI processing (roadmap generation, research, follow-up chat) | United States | UK-US Data Bridge; SCCs. Anthropic's commercial terms prohibit training on customer data | | Vercel Inc | Web hosting and content delivery | United States | UK-US Data Bridge; SCCs |

We do not sell your data. We do not share your data with advertisers or analytics providers.

AI processing

When you use Anthia's AI features, the relevant text (your onboarding answers, your business profile, your follow-up questions, your task notes if you ask about them) is sent to Anthropic's Claude API. Anthropic processes that data to return a response and does not use it to train models. We do not send your password, your payment details, or content unrelated to your prompt.

Cookies and tracking

We use essential cookies only. There are no analytics or advertising cookies on Anthia. See our Cookie Policy for the full list.

How long we keep your data

| Data | Retention period | | --- | --- | | Account profile, roadmap, notes, documents | While your account is active, then deleted within 30 days of account closure | | Payment records | 7 years from the date of the transaction (UK accounting obligation) | | Server logs | 30 days | | Marketing list (if you opt in) | Until you unsubscribe | | Contact form submissions | 2 years from the date of submission, then deleted | | Support tickets and complaints | 2 years from resolution |

Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Erase your data ("the right to be forgotten"), subject to our legal obligations.
  • Restrict or object to our processing.
  • Port your data to another service in a structured, machine-readable format.
  • Withdraw consent at any time for any processing based on consent.
  • Lodge a complaint with the Information Commissioner's Office at ico.org.uk or 0303 123 1113.

To exercise these rights, use our contact form. We will respond within one calendar month.

Children

Anthia is not directed at under-18s. We do not knowingly collect data from anyone under 18. If you believe we have done so, please use our contact form.

Changes to this policy

If we change this policy we will email the address on your account (if you have one) and update the "Last updated" date at the top of this page. Material changes will be flagged on the Anthia dashboard.

Contact

Questions about this policy: contact form General enquiries: contact form