Dunefox is an AI-powered suite built around three pillars: Customer Support & Engagement, Lead Management, and Marketing & Sales. It works on WhatsApp and your website to automate conversations, capture and qualify leads, and run sales & marketing workflows — 24/7, without extra headcount.

Dunefox works for any customer-facing business that wants to automate support, capture and manage leads, and run smarter marketing & sales — all in one platform, on WhatsApp and web.

How does Dunefox handle lead management?

Dunefox automatically captures leads from WhatsApp and web chat, qualifies them based on custom criteria, scores them, and routes them to the right team member or nurtures them via automated follow-ups — syncing everything to your CRM.

Can Dunefox integrate with my existing CRM?

Yes. Dunefox integrates with Salesforce, HubSpot, Zoho, and many other CRMs, as well as custom systems via API, so your lead and customer data stays in sync across tools.

Is there a free trial?

Yes. Dunefox offers a free trial — no credit card required. You can explore customer support automation, lead management, and marketing features before committing.

Legal

Privacy Policy

Effective date: 1 May 2026 · Last reviewed: 1 May 2026

1. Who We Are (Data Controller)

This website, dunefox.io, is operated by Sucetas Technologies UK Ltd (the "Company", "we", "us", "our"), a company incorporated in England and Wales under company number 16984447, with its registered office at:

2nd Floor College House, 17 King Edwards Road, Ruislip, London, United Kingdom, HA4 7AE

We are registered with the UK Information Commissioner's Office (ICO) under reference number ZC086490.

As the data controller, we are responsible for deciding how and why personal data about you is collected and processed. This Privacy Policy explains what data we collect, why we collect it, and your rights in relation to it, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).

2. Data Protection Officer (DPO)

We have appointed a Data Protection Officer who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this policy, including any requests to exercise your legal rights, please contact the DPO:

Name: Sanket Barmukh

Email: sanket@sucetastech.co.uk

Postal address: 2nd Floor College House, 17 King Edwards Road, Ruislip, London, United Kingdom, HA4 7AE

3. What Personal Data We Collect

We collect personal data in the following categories:

3.1 Data You Provide Directly

Data	How Collected	Purpose
Name, business email address, company name, phone number	Contact Sales form, Demo request form	Responding to sales and support enquiries
Website URL	Demo chatbot set-up flow on dunefox.io	Provisioning and demonstrating our AI chatbot service
Message content	Contact form, live chat	Handling your enquiry
Lead information (name, email, phone)	AI chatbot interactions on dunefox.io demo	Providing the lead-capture demonstration service

3.2 Data Collected Automatically

Data	Source	Purpose
IP address, browser type, device type, operating system, referrer URL, pages visited, session duration	Google Analytics 4 (GA4)	Website analytics and performance measurement
Mouse clicks, scroll depth, session recordings, heatmaps	Microsoft Clarity	Understanding user behaviour to improve UX
Cookies and similar tracking technologies	Our website	See our Cookie Policy

3.3 Data We Do Not Collect on This Website

Account registration, passwords, and payment card details are handled exclusively on app.dunefox.io (our application platform) and are governed by a separate privacy notice presented at the time of account creation. Payment processing on app.dunefox.io is conducted by Stripe, a PCI-DSS compliant payment processor. We do not receive or store full card details.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. The table below sets out our lawful basis for each processing activity:

Processing Activity	Lawful Basis	Details
Responding to contact/sales enquiries	Legitimate interests (Art. 6(1)(f))	We have a legitimate interest in responding to prospective customer enquiries
Providing the demo chatbot service and collecting leads	Legitimate interests / Pre-contractual steps (Art. 6(1)(b) & (f))	Necessary to perform the demonstration service you have requested
Analytics (GA4, Microsoft Clarity)	Consent (Art. 6(1)(a))	We obtain your consent via our cookie banner before activating analytics cookies
Marketing communications (if applicable)	Consent (Art. 6(1)(a))	We only send marketing emails where you have opted in
Compliance with legal obligations	Legal obligation (Art. 6(1)(c))	Where we are required by law to process data

5. International Data Transfers

We and our third-party service providers may transfer your personal data outside the UK. Where this occurs, we ensure appropriate safeguards are in place as required by UK GDPR:

Recipient	Location	Safeguard
MongoDB, Inc. (database hosting via MongoDB Atlas)	Mumbai, India (AP-South-1 region)	Standard Contractual Clauses (SCCs) under MongoDB's Data Processing Addendum. India does not currently hold a UK adequacy decision; transfers rely on SCCs approved under UK GDPR.
Google LLC (Google Analytics 4)	United States	UK International Data Transfer Agreement (IDTA) / SCCs. Google is certified under the UK's Data Bridge arrangements.
Microsoft Corporation (Microsoft Clarity)	United States	UK IDTA / SCCs. Microsoft is certified under the UK's Data Bridge arrangements.
Stripe, Inc. (payment processing — app.dunefox.io only)	United States	UK IDTA / SCCs. Stripe is PCI-DSS compliant and operates under appropriate transfer mechanisms.

You may request a copy of the relevant safeguards by contacting our DPO at sanket@sucetastech.co.uk.

6. Third-Party Processors

We use the following third-party processors who process personal data on our behalf under our instruction. All processors are bound by contractual obligations consistent with UK GDPR:

Processor	Purpose	Privacy Information
Google LLC	Website analytics (GA4)	Google Privacy Policy
Microsoft Corporation	Session recording & heatmaps (Clarity)	Microsoft Privacy Statement
MongoDB, Inc.	Database hosting (lead & demo data)	MongoDB Privacy Policy
Stripe, Inc.	Payment processing (app.dunefox.io)	Stripe Privacy Policy

We do not sell, rent, or trade your personal data to any third party for their own marketing purposes.

7. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law:

Data Category	Retention Period	Reason
Contact/sales enquiry data	3 years from last contact	Legitimate interest in follow-up; limitation period for contract disputes
Demo chatbot lead data	12 months from collection	Operational necessity; review and handoff period
Website analytics data (GA4)	14 months (configured in GA4)	Industry standard analytics retention
Microsoft Clarity session data	90 days (Clarity default)	UX review cycle
Legal / compliance records	7 years	UK statutory requirements

Upon expiry of the relevant retention period, personal data is securely deleted or anonymised.

8. Your Rights Under UK GDPR

You have the following rights in relation to your personal data. These rights are not absolute and may be subject to exemptions:

Right	What It Means
Right of access	You may request a copy of the personal data we hold about you (a Subject Access Request / SAR). We will respond within one calendar month.
Right to rectification	You may request that we correct inaccurate or incomplete personal data.
Right to erasure ("right to be forgotten")	You may request that we delete your personal data where we no longer have a legal basis to retain it.
Right to restriction	You may request that we restrict the processing of your data in certain circumstances (e.g. while accuracy is disputed).
Right to data portability	Where processing is based on consent or contract, you may request your data in a structured, machine-readable format.
Right to object	You may object to processing based on legitimate interests. We must stop unless we can demonstrate compelling legitimate grounds that override your interests.
Rights related to automated decision-making	You have rights not to be subject to solely automated decisions that produce legal or similarly significant effects. We do not carry out such processing on dunefox.io.
Right to withdraw consent	Where processing is based on consent (e.g. analytics cookies), you may withdraw consent at any time via our cookie settings. Withdrawal does not affect lawfulness of prior processing.

To exercise any of these rights, please contact our DPO:

Email: sanket@sucetastech.co.uk

Post: 2nd Floor College House, 17 King Edwards Road, Ruislip, London, United Kingdom, HA4 7AE

We may need to verify your identity before processing your request. We will not charge a fee except in cases where a request is manifestly unfounded or excessive.

9. Right to Lodge a Complaint

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Helpline: 0303 123 1113

Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would, however, appreciate the opportunity to address your concerns before you contact the ICO, so please contact us first at contact@dunefox.io.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit (TLS/HTTPS across all dunefox.io pages)
Encryption of data at rest in our database infrastructure
Access controls and role-based permissions for internal systems
Regular review of our security practices

Despite these measures, no method of transmission over the internet is 100% secure. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, inform affected individuals without undue delay.

11. Children's Privacy

Our website and services are directed at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at support@dunefox.io and we will take steps to delete it.

12. Third-Party Links

Our website may contain links to third-party websites. This Privacy Policy applies solely to dunefox.io. We are not responsible for the privacy practices of any third-party websites and encourage you to read their privacy policies before providing any personal data.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our data practices, or our services. We will post the updated policy on this page with a revised effective date. Where changes are material, we will make reasonable efforts to notify you (e.g. via a prominent notice on our website or by email where we hold your contact details). We encourage you to review this page periodically.

14. Contact Us

Sucetas Technologies UK Ltd

2nd Floor College House, 17 King Edwards Road, Ruislip, London, United Kingdom, HA4 7AE

Company No: 16984447 · ICO Ref: ZC086490

General enquiries: contact@dunefox.io

Support: support@dunefox.io

DPO (Sanket Barmukh): sanket@sucetastech.co.uk

Cookie Policy →Terms of Service →