Skip to content
Overshow
Enterprise enquiryJoin the beta

Privacy Notice

Last updated: 15 February 2026

Privacy Notice

Last updated: 15 February 2026

This privacy notice explains how Overshow ("we", "us") collects, uses and protects your personal data when you use our website and services.

By using our website or contacting us, you acknowledge this notice.

Who we are

Overshow is a local-first AI application developed and operated by San Digital Limited, a company registered in England and Wales.

  • Company name: San Digital Ltd
  • Company number: 12957488
  • VAT number: GB361512914
  • Registered office: San Digital Limited, Kendal House, Oxenholme Road, Kendal, England, LA9 7RL
  • Email: hi@over.show

San Digital Limited is the data controller for personal data collected through the Overshow website and licensing services.

Personal data we collect

We collect and process the following categories of personal data:

  • Contact form data
    • Name
    • Email address
    • Company name
    • Any other information you choose to include in your message
  • Licensing and single sign-on (SSO) data
    • Name
    • Work email address
    • Company/organisation
    • SSO identifiers and metadata (for example, unique ID from your identity provider, role or group membership where required for access control)
  • Technical and usage data
    • IP address
    • Browser type and version
    • Device information
    • Pages visited and actions taken on our site
    • Date and time of access

Overshow is designed as a local-first AI application. Model inputs and outputs processed locally by your organisation are not transmitted to us by default, except where you choose to share information with us for support or improvement purposes.

Cookies and similar technologies

What are cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and provide certain functionality.

Cookies we use

We use strictly necessary cookies only.

Strictly necessary cookies

These cookies are essential for the website to function and do not require your consent:

  • Session cookies: To maintain your session as you navigate the site
  • Security cookies: To detect and prevent security threats
  • Preference cookies: To remember choices like language settings

These cookies do not track you across other websites and contain no personal information beyond what's needed for basic site operation.

We do not use advertising, analytics, tracking, or live-chat cookies on this site.

You can manage cookies through your browser settings, though this may affect functionality across multiple websites.

How we use your personal data

We use your personal data for the following purposes:

  • To respond to enquiries
    • Handling queries submitted through the contact form.
    • Providing information about our products, services and pricing where requested.
  • To manage licensing and access
    • Verifying your identity via SSO and authorising access to Overshow.
    • Allocating and managing licences within your organisation.
    • Monitoring licence usage at an aggregate level for capacity planning and contract management.
  • To operate and improve our website and services
    • Ensuring the security and integrity of our systems.
    • Analysing anonymised or aggregated usage trends to improve usability and performance.

We do not sell your personal data.

Our lawful bases for processing

We rely on the following lawful bases under UK data protection law:

  • Legitimate interests
    • Responding to contact form enquiries.
    • Operating, securing and improving our website and licensing services.
    • Managing existing or prospective business relationships.

Where we enter into a contract with your organisation, some processing may also be necessary for performance of a contract, for example, to provide and support the Overshow licensing service.

If we ever rely on consent (for example, for certain types of direct marketing), we will ask for it clearly and separately, and you can withdraw it at any time.

How long we keep your data

We keep personal data only for as long as necessary for the purposes described above:

  • Contact form data: normally retained for up to 2 years from the last meaningful interaction, to manage ongoing conversations and potential opportunities.
  • Licensing and SSO data: retained for the duration of your organisation's licence plus up to 2 years, to support audit, security and contract management.
  • Technical logs: retained for short periods (typically up to 12 months) for security, troubleshooting and service improvement, unless a longer period is required for investigation or legal reasons.

We may retain data for longer where required to comply with legal or regulatory obligations or to establish, exercise or defend legal claims.

Sharing your personal data

We may share your personal data with:

  • Service providers and suppliers who support our website, licensing infrastructure, hosting and security. These providers only process personal data on our instructions and under written contracts.
  • Single sign-on providers and your organisation's identity systems, where necessary to authenticate users and manage access to Overshow.
  • Professional advisers, such as legal or accounting advisers, where necessary for our legitimate interests.
  • Regulators, law enforcement or courts, where we are legally required to do so or where necessary to protect our rights, users or the public.

We do not allow third parties to use your personal data for their own marketing.

International transfers

Our core services are hosted within the UK or European Economic Area (EEA) wherever practicable.

If we need to transfer personal data outside the UK or EEA, we will ensure appropriate safeguards are in place, such as:

  • An adequacy decision by the UK Government or European Commission; or
  • Standard contractual clauses or equivalent contractual protections.

You can contact us for more details of these safeguards.

Security of your personal data

We take appropriate technical and organisational measures to protect your personal data, including:

  • Encryption in transit (for example, HTTPS for our website).
  • Access controls and authentication for administrative systems.
  • Regular security updates and vulnerability management.
  • Restricted access to personal data on a need-to-know basis.
  • Staff awareness and confidentiality obligations.

No system can be guaranteed to be completely secure, but we work to reduce risks to a level appropriate to the nature of the data and our services.

Your rights

Under UK data protection law, you have the following rights in relation to your personal data:

  • Right of access — to obtain a copy of your personal data and information about how it is used.
  • Right to rectification — to correct inaccurate or incomplete data.
  • Right to erasure — to request deletion of your data in certain circumstances.
  • Right to restrict processing — to limit how we use your data in certain situations.
  • Right to data portability — to receive your data in a structured, commonly used format and transmit it to another controller, where applicable.
  • Right to object — to object to processing based on legitimate interests, and to direct marketing.
  • Rights in relation to automated decision-making and profiling — where these are used in a way that has legal or similarly significant effects on you.

To exercise any of these rights, please contact us using the details above. We may need to verify your identity before responding.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator:

We would appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first if possible via office@sandigital.uk.

Direct marketing

If you have given consent or we otherwise have a lawful basis (for example, where you are a business contact and we rely on legitimate interests), we may use your contact details to send you information about Overshow and related services.

You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any email, or
  • Contacting us using the details above.

Opting out of marketing will not affect essential service or transactional communications.

Third-party websites

Our website may contain links to third-party websites. This privacy notice does not cover those sites, and we are not responsible for their content or privacy practices. You should review their privacy notices before providing any personal data.

Changes to this notice

We may update this privacy notice from time to time to reflect changes in our services or legal obligations. When we do, we will update the "Last updated" date at the top of this page.

Where appropriate, we may also notify you of significant changes by email or through our website.