Terms & Conditions

Our website & services terms, plus the standing terms we incorporate by reference into engagements.

This page has three parts. Part 1 governs use of our website and services. Parts 2 and 3 are standing terms that apply only when we reference them — read here in isolation they bind no one. Part 2 (Data Protection) applies where a Statement of Work or other engagement document incorporates it. Part 3 (Shared Materials) applies whenever we share materials and point to these terms — including informally by email, for pre-engagement work, outside any contract.

Part 1

Website & Services Terms

1. Introduction

These Terms and Conditions ("Terms") govern your use of the CrewCreateAI website (crewcreate.co.uk and crewcreate.ai) and any services provided by CrewCreate Ltd ("we", "our", "us", "CrewCreateAI").

By accessing our website or engaging our services, you agree to be bound by these Terms. If you do not agree, please do not use our website or services.

CrewCreate Ltd is a company registered in England and Wales (Company No. 16770038).

Signed agreements take precedence. Where you have entered into a signed agreement with us — a Statement of Work, Master Services Agreement, order form, or other signed engagement document — that agreement governs the engagement it covers and prevails over these Terms (and over the Data Protection Terms and Shared Materials & Methodology Terms set out elsewhere on this page) to the extent of any conflict. These Terms govern your use of the website, and otherwise apply only where no signed agreement covers the matter in question.

2. Website Use

Permitted Use

You may use our website for lawful purposes to:

  • Learn about our services
  • Read our blog and insights
  • Contact us and request information
  • Book consultations

Prohibited Use

You must not:

  • Use the website in any way that breaches applicable laws or regulations
  • Use the website to transmit harmful, offensive, or illegal content
  • Attempt to gain unauthorised access to our systems
  • Interfere with the proper functioning of the website
  • Scrape, copy, or reproduce our content without permission
  • Use automated systems to access the website without our consent

3. Our Services

CrewCreateAI provides AI consulting, data engineering, and technology advisory services. This includes:

  • AI strategy and implementation consulting
  • Data platform architecture and engineering
  • Machine learning and analytics solutions
  • Technology advisory and training

Service Agreements

The specific terms of any consulting engagement will be outlined in a separate Statement of Work (SOW) or service agreement. These Terms apply in addition to any specific service agreement.

In the event of a conflict between these Terms and a signed Statement of Work, service agreement, or other signed contract, the signed agreement shall prevail (see "Signed agreements take precedence" in section 1).

No Professional Advice

Content on our website is for general information only and does not constitute professional advice. You should seek appropriate professional advice before making business decisions based on our content.

4. Intellectual Property

Our Content

All content on this website, including but not limited to:

  • Text, articles, and blog posts
  • Graphics, logos, and images
  • Website design and layout
  • Software and code

is owned by CrewCreate Ltd or our licensors and is protected by copyright, trademark, and other intellectual property laws.

Your Use

You may view, download, and print content for personal, non-commercial use only. You must not:

  • Modify or adapt our content
  • Reproduce, republish, or distribute our content
  • Use our content for commercial purposes
  • Remove any copyright or proprietary notices

Client Work

Intellectual property rights in work we create for clients are addressed in individual service agreements.

5. User Content

If you submit content to us (such as through contact forms, emails, or feedback), you grant us a non-exclusive, royalty-free licence to use, store, and process that content for the purpose of responding to and managing your enquiry.

You warrant that any content you submit:

  • Is accurate and not misleading
  • Does not infringe any third party's rights
  • Is not unlawful, defamatory, or offensive

6. Third-Party Links

Our website may contain links to third-party websites. These links are provided for convenience only. We do not control or endorse these websites and are not responsible for their content or privacy practices.

7. Disclaimer of Warranties

Our website and content are provided "as is" without warranties of any kind, either express or implied, including but not limited to:

  • Warranties of merchantability or fitness for a particular purpose
  • Warranties that the website will be uninterrupted or error-free
  • Warranties regarding the accuracy or completeness of content

We do not warrant that the website will be free from viruses or other harmful components.

8. Limitation of Liability

To the fullest extent permitted by law:

  • We shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the website or services
  • Our total liability for any claim shall not exceed the amount you paid us for services in the 12 months preceding the claim, or £100 if you have not paid for services
  • Nothing in these Terms excludes or limits our liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law

9. Indemnification

You agree to indemnify and hold harmless CrewCreateAI, its directors, employees, and agents from any claims, damages, losses, or expenses (including legal fees) arising from:

  • Your use of the website
  • Your breach of these Terms
  • Your violation of any third party's rights

10. Privacy

Your use of our website is also governed by our Privacy Policy, which explains how we collect, use, and protect your personal information.

11. Modifications

We reserve the right to modify these Terms at any time. Changes will be effective immediately upon posting to the website. Your continued use of the website after changes constitutes acceptance of the modified Terms.

We encourage you to review these Terms periodically.

12. Termination

We may suspend or terminate your access to the website at any time, without notice, for any reason, including breach of these Terms.

13. Governing Law and Jurisdiction

These Terms are governed by the laws of England and Wales.

Any disputes arising from these Terms or your use of the website shall be subject to the exclusive jurisdiction of the courts of England and Wales.

14. Severability

If any provision of these Terms is found to be unenforceable, the remaining provisions shall continue in full force and effect.

15. Entire Agreement

These Terms, together with our Privacy Policy and any applicable service agreements, constitute the entire agreement between you and CrewCreateAI regarding use of the website.

16. Contact Us

If you have questions about these Terms and Conditions, please contact us:

Email: legal@crewcreate.ai

Contact Form: crewcreate.co.uk/contact-us

Address: CrewCreate Ltd, United Kingdom

Part 2

Data Protection Terms

Version 1.0

Introduction

These are CrewCreate's standing Data Protection Terms ("DP Terms"). They govern the parties' obligations regarding the Processing of Personal Data where a Statement of Work, Order Form, or other engagement document between Crew Create Ltd ("CrewCreate", "we", "our") and a client ("Client", "you") expressly incorporates them by reference.

These DP Terms are drafted to be incorporated, not to stand alone. If you're reviewing them outside the context of a Statement of Work that incorporates them, they don't bind anyone — they're a public reference for how we handle Personal Data when engaged.

CrewCreate is a UK Ltd (Crew Create Ltd, company no. 16770038, registered at 20 Grange Road, Winchester, Hampshire SO23 9RT). Our processing operations are based in the United Kingdom, and we work across multiple cloud platforms — Amazon Web Services, Google Cloud Platform, Microsoft Azure, and others — typically delivering inside the client's or end-client's own cloud account.

Where these terms conflict with the Statement of Work that incorporates them, the Statement of Work prevails. Where the Statement of Work is silent, these DP Terms apply. The version of these DP Terms applicable to an engagement is the version in force at the date the Statement of Work is issued; subsequent amendments published here do not change the terms of an engagement that has already been issued, unless the parties agree otherwise in writing.

1. Roles

Where CrewCreate Processes Personal Data in performing services under a Statement of Work that incorporates these DP Terms:

1.1 CrewCreate acts as a processor of the Personal Data where the Client is itself the Controller, or as a sub-processor where the Client engages CrewCreate downstream of a controller / processor relationship the Client holds with a third party (typically an end client).

1.2 In either case, CrewCreate Processes Personal Data only on the documented instructions of the Client, which (where the Client is not the Controller) reflect the lawful instructions of the Controller.

1.3 The Client warrants that it has the lawful authority and an appropriate written agreement with any upstream Controller to engage CrewCreate in the capacity described in §1.1 and to give CrewCreate the instructions set out in the Statement of Work.

2. CrewCreate's standing Sub-processors

CrewCreate uses the following standing sub-processors to perform its services. Pre-authorisation of these sub-processors is conferred by the Client when the Client signs a Statement of Work that incorporates these DP Terms.

2.1 Cloud platforms

Where the engagement is delivered into a cloud account (the Client's, an end client's, or a CrewCreate-operated test environment), CrewCreate may use the following cloud platforms as sub-processors as the engagement requires:

  • Amazon Web Services (Amazon Web Services EMEA SARL / Amazon Web Services, Inc.)
  • Google Cloud Platform (Google Cloud EMEA Limited / Google LLC)
  • Microsoft Azure (Microsoft Ireland Operations Limited / Microsoft Corporation)
  • Anthropic (Anthropic UK Ltd / Anthropic PBC) — for direct Claude API usage during delivery, where the Statement of Work permits

Where delivery takes place inside an account the Client (or end client) controls, the cloud-platform vendor is already an established sub-processor or processor by virtue of the Client's existing cloud customer agreement; CrewCreate operates within that account boundary and does not bring the cloud-platform vendor into the chain as an additional CrewCreate sub-processor.

2.2 AI / language-model providers

Where the engagement uses generative-AI capabilities, CrewCreate may invoke one or more of the following model providers, only where the Statement of Work names the provider in scope or authorises generative-AI usage generally:

  • Anthropic Claude — via Anthropic's API (Anthropic PBC), or via Claude hosted in AWS Bedrock, Google Cloud Vertex AI, or Microsoft Azure AI
  • OpenAI — via OpenAI's API (OpenAI, LLC), or via Microsoft Azure OpenAI Service, where the engagement requires it (typically for comparative evaluation against a Client's existing baseline)
  • AWS Bedrock-hosted models (Amazon-managed and third-party foundation models hosted by AWS)
  • Google Cloud Vertex AI-hosted models
  • Microsoft Azure AI Service-hosted models

The specific model providers and models in scope for an engagement are confirmed in the Statement of Work.

2.3 CrewCreate operational tools

The following are operational tools CrewCreate uses to run its business. They may incidentally Process Personal Data relating to an engagement (for example, a Client point-of-contact's email address may pass through CrewCreate's email system in the course of engagement correspondence). They are not used for Processing Client Personal Data outside that incidental scope, and Client data is not copied into them.

  • Google Workspace (Google Cloud EMEA Limited) — email, calendar, shared documents
  • GitHub (GitHub, Inc., a subsidiary of Microsoft Corporation) — source-code version control for engagement code, where applicable
  • Claude Code (Anthropic PBC) — agentic developer assistant used by CrewCreate personnel during engagement delivery (code authoring, documentation, scripted analysis); invokes the Anthropic Claude API per §2.2, with training-data retention opted out

2.4 Engagement-specific sub-processors

Any sub-processor that is not named above and is required for a specific engagement is named in the Statement of Work for that engagement. The Client's signature on the Statement of Work constitutes authorisation of those engagement-specific sub-processors.

2.5 Adding a new sub-processor

Where CrewCreate proposes to engage an additional sub-processor not covered by §§2.1–2.4, we will give the Client written notice before the new sub-processor begins Processing. If the Client reasonably objects on data-protection grounds, the parties will discuss in good faith. If no acceptable resolution is reached, the Client may terminate the affected services on written notice, with CrewCreate entitled to invoice for hours consumed to the date of termination.

CrewCreate remains liable to the Client for the acts and omissions of its sub-processors in respect of their Processing of Personal Data on the Client's behalf.

3. Documented instructions

CrewCreate Processes Personal Data only on the documented instructions of the Client, including with regard to transfers outside the United Kingdom or the European Economic Area.

The Statement of Work (including any details-of-Processing table in it) is the Client's initial documented instruction. Further instructions during the engagement are to be given in writing (email is sufficient).

CrewCreate will not implement an instruction it reasonably believes would result in a breach of UK GDPR or DPA 2018, and will promptly notify the Client where it forms that view.

4. Confidentiality

CrewCreate ensures that personnel authorised to Process Personal Data are bound by enforceable obligations of confidentiality (whether contractual, professional, or statutory), and restricts access to Personal Data to those personnel who require such access for the performance of the engagement.

5. Security measures

CrewCreate implements appropriate technical and organisational measures to protect Personal Data against unauthorised or unlawful Processing and against accidental loss, destruction, damage, alteration, or disclosure, taking into account the state of the art, the cost of implementation, and the nature, scope, context, and purposes of Processing, as well as the risk to Data Subjects.

The measures applied to a typical engagement include, at minimum:

  • Multi-factor authentication on accounts with access to Personal Data
  • Encryption in transit (TLS 1.2 or higher) and at rest (AES-256 or cloud-provider-managed equivalent) for stored Personal Data
  • Access logging and audit trails for systems Processing Personal Data
  • Role-based access control with least-privilege defaults
  • Segregation of any Personal Data from CrewCreate's general working environment (use of Client-provided cloud accounts where possible)
  • A documented procedure for security-incident response and notification
  • Periodic review of authorised personnel and rotation of secrets

Where the services are delivered into the Client's or end-client's cloud account, CrewCreate relies on the Client's account-level controls and Processes Personal Data only within the account boundary defined by the Client. CrewCreate does not export Personal Data to its own environment except as expressly required for the engagement and authorised in writing, or as permitted under the Local Processing exception below.

Local Processing exception. Where, exceptionally, the Services require temporary local Processing of Personal Data on CrewCreate-operated equipment outside the Client's cloud account boundary — for example, schema inspection of a delivered extract, or offline debugging of a transformation that cannot run in the Client's environment — such Processing is permitted only where: (i) the equipment is encrypted at rest under industry-standard full-disk encryption (Apple FileVault, BitLocker, LUKS or equivalent); (ii) the Personal Data is confined to a named local scratch location that is excluded from automatic synchronisation or backup services (including, where applicable, iCloud Drive, Time Machine, OneDrive and Google Drive); (iii) the Personal Data is securely purged within seventy-two (72) hours of the operational need ending, with overwrite of the underlying storage where the platform supports it; and (iv) the occurrence is recorded in CrewCreate's engagement notes as a documented exception, with timestamp, scope, and purge confirmation. Local Processing under this paragraph does not constitute a transfer of Personal Data outside the United Kingdom or the EEA for the purposes of §10, provided CrewCreate's equipment is located within the United Kingdom; where CrewCreate's equipment is temporarily located outside the United Kingdom, §10 applies in addition to this paragraph.

6. Data Subject rights

Taking into account the nature of the Processing, CrewCreate will provide reasonable assistance to the Client (or, via the Client, to the Controller) in fulfilling the obligation to respond to requests from Data Subjects exercising rights under UK GDPR or DPA 2018 (access, rectification, erasure, restriction, portability, objection, automated decision-making).

CrewCreate will not respond directly to any Data Subject request unless instructed in writing by the Client.

Assistance under this section is included in the engagement fee up to a reasonable threshold (typically up to two requests per engagement). Material additional effort is chargeable at CrewCreate's then-current rate via change order.

7. Personal Data Breach notification

CrewCreate notifies the Client without undue delay, and in any event within seventy-two (72) hours of becoming aware, of any Personal Data Breach affecting Personal Data Processed under the engagement. The notification will include, to the extent then known:

  • The nature of the breach
  • The categories and approximate number of Data Subjects and records affected
  • The likely consequences
  • The measures taken or proposed to address the breach and to mitigate its effects

CrewCreate will provide the Client with such reasonable further assistance as the Client requires to comply with its (or the Controller's) obligations under Articles 32–36 of UK GDPR (security, breach notification to the supervisory authority and Data Subjects, Data Protection Impact Assessments, prior consultation with the supervisory authority).

8. Records and audit

CrewCreate maintains a written record of Processing activities carried out on behalf of the Client in accordance with Article 30(2) UK GDPR.

CrewCreate makes available to the Client all information reasonably necessary to demonstrate compliance with these DP Terms on written request, with up to ten (10) business days for response on routine requests.

The Client may, on not less than thirty (30) days' prior written notice and not more than once in any twelve-month period (except following a confirmed Personal Data Breach affecting the engagement), audit CrewCreate's compliance with these DP Terms. Audits will be carried out during normal business hours, will not unreasonably disrupt CrewCreate's operations, and will be at the Client's cost (including reimbursement of CrewCreate's reasonable time at CrewCreate's then-current rate). CrewCreate's compliance with relevant industry certifications, where applicable, may be relied on in lieu of a physical audit at CrewCreate's reasonable election.

9. Return or deletion of Personal Data

On termination or expiry of the engagement, CrewCreate will, at the Client's election (notified within thirty (30) days of termination), either return all Personal Data to the Client or securely delete it, including from any backups except where retention is required by applicable law. CrewCreate will certify completion of return or deletion in writing within fourteen (14) days of the Client's election.

Where backups are subject to a scheduled overwrite cycle, CrewCreate may retain Personal Data in those backups for the standard retention period provided it is encrypted at rest and not further Processed.

CrewCreate may retain Personal Data after termination only to the extent required by applicable law (for example, tax records), and only for the period strictly required.

10. International transfers

CrewCreate's personnel and primary operations are based in the United Kingdom. CrewCreate does not transfer Personal Data outside the United Kingdom or the EEA except:

  • Into the Client's or end-client's cloud account (AWS, Google Cloud, Microsoft Azure, or otherwise), in which case the transfer is governed by the Client's or end-client's existing cloud customer agreement and its associated data-transfer addendum; or
  • With the Client's prior written authorisation and on the basis of an appropriate transfer mechanism (an Adequacy Decision, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or equivalent).

Engagements that use generative-AI providers based outside the United Kingdom (Anthropic, OpenAI, and Google / Microsoft / Amazon model APIs) may, by virtue of the model provider's region availability, route Personal Data through facilities in the United States or other jurisdictions. Where this applies, it is identified in the Statement of Work and is subject to the model provider's own data-transfer commitments, which CrewCreate relies on as the basis for the transfer.

11. Costs of assistance

Reasonable assistance provided by CrewCreate under §§6 (Data Subject rights) and §7 (Personal Data Breach notification) is included in the engagement fee. Material additional effort triggered by Data Subject requests, security investigations, or Controller / supervisory-authority requests is chargeable at CrewCreate's then-current rate via written change order, except where the additional effort arises from a breach of these DP Terms by CrewCreate.

12. Liability

Each party's liability arising out of or in connection with these DP Terms is capped at 100% of the total fees payable under the relevant Statement of Work, in addition to and not as part of any general liability cap in the Statement of Work.

The cap above does not apply to:

  • Either party's liability for fines imposed directly on it by a supervisory authority
  • Either party's liability for fraud, fraudulent misrepresentation, or wilful default
  • Either party's liability that cannot be limited by law (including liability for death or personal injury caused by negligence)

Each party indemnifies the other against losses arising from the indemnifying party's breach of these DP Terms, subject to the cap above.

The Statement of Work may specify a different liability framework for a given engagement, in which case the Statement of Work prevails per the precedence rule in the Introduction.

13. Survival

§4 (Confidentiality), §8 (Records and audit), §9 (Return or deletion), §10 (International transfers), §12 (Liability) and this §13 (Survival) survive termination of the engagement.

14. Definitions

For the purposes of these DP Terms:

  • Controller, Processor, Personal Data, Processing, Personal Data Breach, and Data Subject bear the meanings given in UK GDPR
  • UK GDPR means Regulation (EU) 2016/679 as retained, amended, and supplemented in UK law under the Data Protection Act 2018 and the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419)
  • DPA 2018 means the Data Protection Act 2018
  • Sub-processor means a third party engaged by CrewCreate to Process Personal Data on the Client's behalf

15. Version history

VersionEffectiveSummary
1.02026-05-29Initial publication

Permalinks to earlier versions are made available alongside the current version where any have been superseded.

16. Contact

For data-protection questions, contact: Daren Howell, Director — daren.howell@crewcreate.co.uk.

Where you are a Data Subject and wish to exercise your rights in respect of Personal Data that CrewCreate Processes under an engagement, please contact the Client (the data controller) in the first instance.

Part 3

Shared Materials & Methodology Terms

Version 1.0

Introduction

These are CrewCreate's standing Shared Materials & Methodology Terms ("Sharing Terms"). They set out the basis on which Crew Create Ltd ("CrewCreate", "we", "our") shares templates, tools, examples, frameworks, methodologies and similar materials ("Shared Materials") with another party ("you") — including informally and outside of any contract or paid engagement.

Like our Data Protection Terms, these are drafted to be referenced, not to stand alone. They apply when we make Shared Materials available to you and identify these terms as the basis — typically by a short note or link in the email or document that accompanies the materials. Reviewed in isolation, they bind no one; they are a public reference for how we share.

CrewCreate is a UK company (Crew Create Ltd, company no. 16770038, registered at 20 Grange Road, Winchester, Hampshire SO23 9RT).

1. What these cover

"Shared Materials" means anything we share with you that is not a contracted deliverable under a signed Statement of Work or other agreement — for example: document templates, file formats, build scripts, sample documents, checklists, reference architectures, prompts, frameworks, and the methodologies and approaches they embody.

2. Basis of sharing

Unless we have agreed otherwise in a signed written agreement, Shared Materials are provided:

  • Informally and free of charge, and may be provided outside of any contract or engagement; and
  • As a gesture of collaboration, with no commitment by either of us to provide support, updates, or anything further.

3. What you may do

You may use, adapt, and build on Shared Materials for your own purposes, including incorporating them into your own tools, products and processes.

4. What CrewCreate retains

The sharing is non-exclusive. CrewCreate retains all right, title and interest in the Shared Materials and in the underlying approach, methodology, know-how and techniques (our "Background IP"). Nothing in the sharing transfers ownership to you.

CrewCreate remains free to continue using and developing its Background IP and to provide, license or sell the same or similar materials and approaches to any other party, without restriction and without any obligation to you. Your use of Shared Materials does not give you any exclusivity over them or over the approach behind them.

5. Provided "as is"

Shared Materials are provided "as is", without warranty of any kind, express or implied, including as to accuracy, fitness for a particular purpose, or non-infringement. You are responsible for deciding whether and how to use them and for the results of doing so. To the fullest extent permitted by law, CrewCreate accepts no liability for any loss or damage arising from your use of, or reliance on, Shared Materials.

6. No partnership or obligation

Sharing materials under these terms does not create a partnership, joint venture, agency, employment or other relationship between us, and imposes no obligation on either of us to enter into any such relationship or transaction.

7. Your own content and branding

Where you adapt Shared Materials with your own content, branding or data, that content, branding and data remains yours. These terms concern only the Shared Materials and the approach we provide, not the material you add.

8. Where a signed agreement exists

If a signed Statement of Work or other agreement between us covers specific materials, that agreement prevails for those materials. These Sharing Terms apply only to materials shared outside such an agreement.

9. Versioning

The version of these Sharing Terms applicable to a particular sharing is the version in force at the date the materials are shared. Later amendments published here do not change the basis on which materials were already shared, unless we both agree otherwise in writing.

Contact

Questions about these terms: hello@crewcreate.ai.