Legal / Privacy Policy

Privacy Policy

Last updated 27 May 2026 Operator Preworshipped Ltd t/a Jizoku Company 14167295

This Privacy Policy explains how Preworshipped Ltd trading as Jizoku collects, uses, shares, stores, and protects personal data when you visit our website, create an account, use our Service, or otherwise interact with us.

This Privacy Policy should be read together with our Terms of Service and, where applicable, our Data Processing Addendum.

Section 01

Who We Are

Jizoku is operated by Preworshipped Ltd, a company registered in England and Wales under company number 14167295. Registered office: 86-90 Paul Street, London, England, United Kingdom, EC2A 4NE.

For the personal data covered by this Privacy Policy, Preworshipped Ltd is generally the controller — we decide why and how that personal data is processed.

Where a customer uploads, submits, imports, generates, or otherwise makes personal data available through the Service as part of its own workspace, files, prompts, BOMs, tech packs, supplier information, product documents, reports, or outputs, Jizoku usually processes that personal data as a processor on behalf of the customer. That processing is governed by our DPA and the customer's agreement with us.

If you are an employee, contractor, supplier, consultant, or other individual whose personal data has been uploaded to Jizoku by one of our customers, you should contact that customer directly to exercise your data protection rights. We will assist the customer in accordance with our DPA.

Section 02

Scope of This Privacy Policy

This Privacy Policy applies to personal data we process when:

  1. you visit our website;
  2. you create or use a Jizoku account;
  3. you use the Service as an authorised user of a customer workspace;
  4. you request a demo, join a waitlist, sign up for updates, or contact sales;
  5. you communicate with us by email, form, support channel, or other means;
  6. you receive marketing, product updates, legal notices, or service communications from us;
  7. you interact with us at events, through investors, partners, suppliers, or professional contacts.

This Privacy Policy does not replace any customer privacy notice that may apply where a Jizoku customer controls the personal data submitted to the Service.

Section 03

Personal Data We Collect

3.1 Account and Profile Data

  • name; business email address; job title; company or organisation name;
  • department, team, or role;
  • username, user ID, workspace ID, and account identifiers;
  • password or authentication credentials, where managed by us or our providers;
  • account settings, preferences, and workspace configuration;
  • subscription, plan, seat, credit, usage, and billing status.

3.2 Business Contact and Sales Data

  • name; business email address; business telephone number; company name;
  • job title and seniority; country or region; industry, product category, or business type;
  • communication history; demo requests, waitlist submissions, and sales notes;
  • information you choose to provide in forms, emails, calls, or meetings.

3.3 Customer Content and Workspace Data

Depending on your use of the Service, you or your organisation may submit or generate:

  • prompts, queries, instructions, and chat-style inputs;
  • BOMs, tech packs, product specifications, sketches, product images, CAD-related files, design notes, or material requirements;
  • supplier information, certification information, factory or manufacturer contacts, sourcing notes, and compliance information;
  • sustainability goals, brand policies, product constraints, customer requirements, and design standards;
  • generated reports, outputs, summaries, recommendations, component analysis, material alternatives, circularity observations, and compliance-risk indicators;
  • comments, annotations, edits, approvals, rejections, workflow history, and product decision history.

Where this information contains personal data and is submitted by or on behalf of a customer, we generally process it as a processor under our DPA.

3.4 Usage, Device and Technical Data

  • IP address; device identifiers; browser type and version; operating system;
  • pages viewed; features used; clicks, events, workflow actions, and navigation paths;
  • timestamps and session data; referring URLs; approximate location derived from IP address;
  • error logs, crash reports, diagnostic data, performance data, and security logs;
  • model-routing metadata, credit usage, processing timestamps, and workflow execution metadata.

3.5 Payment and Billing Data

  • billing name; billing email; billing address; company details;
  • VAT or tax information; invoice details; transaction records; payment method metadata.

We do not intentionally store full payment card numbers on our own systems. Payment card processing is handled by third-party payment processors.

3.6 Support and Communications Data

  • emails, messages, support tickets, and correspondence;
  • attachments or screenshots you choose to provide;
  • call notes, meeting notes, feedback, and issue descriptions;
  • records of support requests and our responses;
  • legal, security, privacy, procurement, and compliance communications.

3.7 Cookies and Similar Technologies

We may use cookies, pixels, local storage, SDKs, and similar technologies to operate our website and Service, keep users signed in, remember preferences, secure the Service, understand usage, measure performance, and improve our product. See Section 13 for more detail.

Section 03A

Pilots, Waitlists, Demos & Early Access

Jizoku may invite individuals, companies, brands, consultants, agencies, institutions, suppliers, or other organisations to join a waitlist, request a demo, participate in a pilot, test an early-access feature, or take part in a proof-of-concept, design partner programme, or product feedback process.

3A.1 Waitlists and Demo Requests

If you join a waitlist, request a demo, or submit a form on our website, we may collect name, business email address, company name, job title, country, industry, website or LinkedIn profile, information about your use case, and information about how you heard about Jizoku.

We use this information to assess demand, prioritise access, contact you about Jizoku, schedule demos, understand likely customer needs, improve our product positioning, and decide whether a pilot or early-access workspace is appropriate.

Where a waitlist form is used to send launch or product updates to an individual subscriber, we rely on consent. By joining the waitlist, you agree to receive launch and product updates from Jizoku. You can unsubscribe at any time.

3A.2 Pilots, Proofs of Concept and Evaluation Workspaces

If you or your organisation participates in a pilot or early-access test, we may process additional personal data including authorised-user details, workspace roles, onboarding information, product and workflow information submitted during the pilot, usage telemetry, feature adoption, model-routing metadata, error logs, support records, and meeting notes.

Where Customer Content submitted during a pilot contains personal data controlled by the pilot customer, Jizoku will usually process that personal data as processor or subprocessor under the applicable agreement or DPA.

3A.3 Pilot Telemetry and Product Feedback

During pilots and early-access programmes, we may process usage data and feedback to understand whether the Service is functioning as intended, whether outputs are useful, and whether workflows are producing reliable product decisions. This may include analysing which features are used, where users abandon workflows, how often outputs are edited or rejected, and aggregated and de-identified patterns that help improve Jizoku's materials intelligence.

We do not use pilot Customer Content or Customer Personal Data to train third-party foundation models unless the relevant customer expressly opts in or agrees otherwise in writing.

3A.4 Pilot Confidentiality and Sensitive Data

Pilots may involve commercially sensitive product, supplier, material, design, sustainability, or sourcing information. You should only submit information that you are authorised to share with Jizoku. Unless expressly agreed in writing, you must not submit special-category personal data, criminal-offence data, children's data, protected health information, biometric data, payment card data, or other highly sensitive personal data during a pilot or waitlist process.

3A.5 Pilot Communications

We may contact pilot participants and waitlist members about onboarding, product access, demos, training, support, feedback, commercial terms, product updates, and conversion to paid use. You can opt out of marketing communications at any time, but we may still send service, legal, security, billing, pilot-management, and transactional communications.

3A.6 Retention of Waitlist and Pilot Data

We retain waitlist, demo, sales, and pilot information for as long as reasonably necessary to manage the relationship, evaluate demand, operate the pilot, improve the Service, comply with legal obligations, and support potential conversion to a paid customer relationship.

3A.7 Conversion to Paid Services

If a waitlist, demo, proof of concept, pilot, or early-access workspace converts into a paid subscription or commercial arrangement, relevant account, workspace, usage, billing, support, security, and contractual data may be carried forward into the paid customer relationship, unless otherwise agreed in writing.

Section 04

How We Use Personal Data

Purpose Examples Lawful Basis (UK/EU GDPR)
Provide the Service Create accounts, authenticate users, host workspaces, process prompts, generate outputs, maintain workflow state, manage subscriptions and credits Contract; legitimate interests; legal obligation where applicable
Operate and secure the Service Monitor availability, prevent abuse, detect security incidents, maintain logs, debug errors, protect accounts, enforce access controls Legitimate interests; legal obligation
Customer support Respond to support requests, troubleshoot issues, investigate errors, answer product questions Contract; legitimate interests
Billing and payment Process payments, issue invoices, manage subscriptions, calculate taxes, prevent payment fraud Contract; legal obligation; legitimate interests
Sales and CRM Respond to enquiries, schedule demos, manage pilots, communicate with prospects, maintain business contacts Legitimate interests; consent where required
Product analytics and improvement Understand feature usage, improve workflows, measure performance, improve materials intelligence and user experience Legitimate interests; consent where required for certain cookies or analytics
AI processing and output generation Route prompts and content to model providers, parse files, classify components, generate reports, create embeddings or indices where enabled Contract; legitimate interests; processor instructions where applicable
Marketing Send updates, newsletters, launch notices, event invitations, waitlist updates, pilot updates, and product announcements Consent for waitlist/launch-update signups; legitimate interests for B2B corporate contacts where permitted; soft opt-in where legally available for existing customers
Legal and compliance Maintain records, comply with law, respond to lawful requests, enforce terms, manage disputes, protect rights Legal obligation; legitimate interests
Corporate transactions Evaluate or complete investment, financing, merger, acquisition, restructuring, sale of assets, or similar transaction Legitimate interests; legal obligation where applicable

Where we rely on legitimate interests, those interests may include operating and improving our business, securing the Service, communicating with business users, developing product features, preventing fraud and misuse, and supporting commercial relationships. Where we rely on consent, you may withdraw your consent at any time.

Section 05

AI Data Governance

Jizoku uses artificial intelligence and related technologies to provide the Service. This may include file parsing, classification, retrieval, embeddings, model inference, ranking, summarisation, reasoning, report generation, and workflow automation. Our data governance position:

  1. No third-party foundation model training by default: we will not use Customer Content or Customer Personal Data to train third-party foundation models unless the customer expressly opts in or agrees otherwise in writing.
  2. No raw Customer Content training by default: we will not train Jizoku proprietary models on raw Customer Content or raw Customer Personal Data by default.
  3. No customer-identifying training: we will not train Jizoku proprietary models on customer-specific supplier lists, BOMs, unreleased product designs, or customer-identifying confidential information where that training would identify a customer, supplier, product, user, or data subject.
  4. De-identified product improvement: we may use aggregated, statistical, operational, technical, or de-identified derived insights to improve materials intelligence, taxonomy, component classification, retrieval quality, ranking, substitution logic, regulatory mapping, product reliability, abuse prevention, and workflow design.
  5. Enterprise controls: enterprise customers may receive additional controls where agreed in an order form or written agreement, including stricter retention, model-provider restrictions, tenant-level isolation, no-training commitments, or customer-specific opt-outs.

We do not sell Customer Personal Data and we do not use Customer Personal Data for targeted advertising or cross-context behavioural advertising.

Section 06

When We Act as Processor

When a customer uses Jizoku to upload, process, analyse, generate, or store Customer Content containing personal data, we usually act as a processor or subprocessor for that customer. In that context:

  1. the customer controls the relevant personal data;
  2. we process the personal data according to the customer's instructions;
  3. our DPA applies where required;
  4. the customer is responsible for providing privacy notices, determining lawful basis, responding to data subject requests, and ensuring the uploaded data is lawful and appropriate;
  5. we assist the customer as required under our DPA and applicable data protection laws.

If you believe your personal data has been submitted to Jizoku by one of our customers and you want to exercise your rights, please contact that customer first. If you contact us directly, we may refer your request to the relevant customer where appropriate.

Section 07

How We Share Personal Data

7.1 Service Providers and Subprocessors

We use third-party providers to operate and support the Service. These may include cloud hosting and infrastructure providers; database, storage, authentication, and vector-search providers; AI model providers; payment processors; analytics and monitoring providers; error tracking and security providers; email, communications, and customer support tools; and professional advisers. The current subprocessor list for customer data is set out in our DPA Schedule 3.

7.2 Customer Organisations and Workspace Administrators

If you use the Service through an organisation, workspace, employer, client, or enterprise account, that organisation and its administrators may be able to access information about your account and use of the Service, including your name, email address, role, workspace activity, prompts, uploads, outputs, reports, usage, and settings, depending on the organisation's configuration.

7.3 Legal, Regulatory and Safety Purposes

We may disclose personal data where we reasonably believe it is necessary to comply with law, regulation, court order, or legal process; respond to lawful requests from public authorities; protect the rights, property, safety, security, or integrity of Jizoku, our users, customers, partners, or others; enforce our Terms of Service, DPA, contracts, or policies; or detect, prevent, or investigate fraud, misuse, security incidents, or unlawful activity.

7.4 Business Transactions

We may share personal data in connection with a merger, acquisition, financing, investment, restructuring, sale of assets, insolvency, or similar corporate transaction. We will take appropriate steps to protect personal data in such circumstances.

7.5 With Your Consent or Direction

We may share personal data where you or your organisation instructs us to do so, such as when you enable an integration, export a report, invite a collaborator, connect a third-party system, or otherwise direct us to share information.

Section 08

International Transfers

We are based in the United Kingdom, but we may process personal data in the United Kingdom, the European Economic Area, the United States, and other countries where we or our providers operate.

Where we transfer personal data internationally, we use appropriate safeguards where required. These may include adequacy regulations, the EU Standard Contractual Clauses, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, supplier data processing agreements, transfer risk assessments, and other lawful transfer mechanisms.

Section 09

How Long We Keep Personal Data

We keep personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Data Type Typical Retention Approach
Account data Retained while the account is active and for a reasonable period after closure for legal, security, billing, and operational purposes
Customer Content Retained according to the customer agreement, DPA, workspace settings, deletion requests, and applicable retention periods
Billing and transaction records Retained as required for tax, accounting, audit, and legal purposes
Support communications Retained for as long as necessary to resolve issues, maintain records, improve support, and protect legal rights
Security logs Retained for a limited period appropriate to security, fraud prevention, abuse prevention, and incident response
Analytics data Retained for product analytics and improvement, usually in aggregated or de-identified form where appropriate
Marketing data Retained until you unsubscribe, object, withdraw consent, or the data is no longer needed

Unless otherwise agreed in writing, where we act as processor, we aim to delete or return active production copies of Customer Personal Data within 30 days following termination of the Service or a valid deletion request. Customer Personal Data retained in backups, disaster recovery systems, archived logs, or security records will be deleted or overwritten in accordance with ordinary retention cycles and, where reasonably practicable, within 90 days.

Section 10

Security

We use technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures may include:

  • encryption in transit and at rest for production databases, storage systems, and backups;
  • access controls and least-privilege permissions;
  • administrative MFA for Jizoku personnel with production access;
  • logging, monitoring, and error tracking;
  • secure cloud infrastructure, backup and recovery procedures;
  • confidentiality obligations for personnel and service providers;
  • vulnerability management and incident response processes.

No system is completely secure. You are responsible for using strong credentials, protecting your devices, managing access to your workspace, and avoiding unnecessary submission of sensitive personal data.

Section 11

Your Rights

Depending on where you are located and the laws that apply, you may have rights in relation to your personal data, including the right to:

  1. access your personal data;
  2. correct inaccurate or incomplete personal data;
  3. delete your personal data;
  4. restrict processing;
  5. object to processing;
  6. receive a copy of your personal data in a portable format;
  7. withdraw consent where processing is based on consent;
  8. object to direct marketing;
  9. complain to a data protection authority.

To exercise your rights in relation to personal data for which Jizoku is controller, contact us at privacy@jizoku.ai. If your request relates to personal data controlled by one of our customers, we may refer your request to that customer or ask you to contact them directly.

We will respond to valid data protection rights requests without undue delay and, where UK or EU GDPR applies, within one month of receiving the request. We may extend the response period by up to a further two months if the request is complex. We may need to verify your identity before responding. We may also decline or limit a request where permitted by law.

Section 12

Marketing Communications

We may send marketing communications where permitted by law, including product updates, launch announcements, newsletters, event invitations, waitlist updates, pilot updates, and commercial information about Jizoku.

You can opt out of marketing emails by using the unsubscribe link in the relevant email or by contacting us at privacy@jizoku.ai.

Even if you opt out of marketing, we may still send service, legal, security, billing, account, pilot-management, and transactional communications.

Section 13

Cookies and Similar Technologies

We use essential cookies and similar technologies to provide the website and Service, including authentication, security, session management, load balancing, fraud prevention, and user preferences that are strictly necessary for the website or Service to work.

We will not set non-essential cookies or similar technologies unless we have obtained any consent required by law. Non-essential technologies may include analytics cookies, marketing cookies, advertising pixels, heat-mapping tools, session-replay tools, retargeting tags, or similar tracking technologies.

If we use analytics or marketing technologies that require consent, our cookie banner or consent tool should provide a clear choice, including an option to reject non-essential cookies that is as easy to use as the option to accept them. You can withdraw or change your cookie preferences after making a choice.

You can also manage cookies through your browser settings. Blocking certain cookies may affect website or Service functionality.

Section 14

Children

The Service is intended for business and professional users. It is not directed to children, and we do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us at privacy@jizoku.ai.

Section 15

Automated Decision-Making

Jizoku uses AI and automated processing to generate materials intelligence, analysis, suggestions, classifications, reports, and workflow outputs.

We do not intend the Service to make legally binding or similarly significant decisions about individuals without appropriate human review. Customers and users are responsible for reviewing outputs before using them in legal, regulatory, employment, procurement, product, compliance, sustainability, labelling, consumer-facing, or commercial contexts.

Section 16

Sensitive Personal Data

The Service is not designed for special-category personal data, criminal-offence data, children's data, protected health information, biometric data, payment card data, government identifiers, or other highly sensitive personal data. You should not submit such data unless Jizoku has expressly agreed in writing and appropriate safeguards are in place.

Section 17

Complaints

If you have concerns about how we process your personal data, please contact us first at privacy@jizoku.ai so we can try to resolve the issue.

You also have the right to complain to the UK Information Commissioner's Office or another relevant data protection authority.

  • UK Information Commissioner's Office
  • Website: ico.org.uk
  • Telephone: 0303 123 1113

Section 18

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our Service, business, legal obligations, privacy practices, AI governance, cookies, subprocessors, or data protection requirements.

If we make material changes, we will take reasonable steps to notify you, such as by updating the date at the top of this Privacy Policy, posting a notice on our website, sending an email, or displaying an in-product notice. Your continued use of the Service after the updated Privacy Policy takes effect means you acknowledge the updated policy.

Section 19

Contact Us

For privacy questions, data protection requests, or concerns about this Privacy Policy, contact:

  • Preworshipped Ltd trading as Jizoku
  • Registered office: 86-90 Paul Street, London, England, United Kingdom, EC2A 4NE
  • Email: privacy@jizoku.ai