Data Trust & Security

Last updated: October 2025

We are committed to protecting the privacy, security, and trust of our customers. This policy sets out how we handle data, safeguard your information, and maintain transparency in our practices.

1. Data We Collect

  • Account data: name, email address, and login details.
  • Billing data: payment information processed by our payment providers (we do not store card details).
  • Service data: content you upload or test using Preflight, along with system logs for performance and error monitoring.

2. How We Use Data

  • Provide and improve our services.
  • Process payments and manage subscriptions.
  • Communicate service updates or important notices.
  • Monitor performance, reliability, and security.

We do not sell customer data to third parties.

3. Subprocessors

We work with carefully selected subprocessors (such as hosting, payment, and email delivery providers) to run our services. A full, up-to-date list of subprocessors and their compliance information is provided below.

4. Security Measures

  • Encryption of data in transit and at rest.
  • Access controls and authentication.
  • Regular monitoring and security reviews.
  • Data minimisation practices.

5. Data Retention & Deletion

  • We retain customer data only for as long as necessary to provide our services or as required by law.
  • Customers may request deletion of their data at any time, in line with our obligations under data protection laws.
  • If an account is cancelled or suspended for non-payment, all associated data will be deleted within one calendar month.

6. International Transfers

Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs).

7. Your Rights

  • Request access to your personal data.
  • Ask us to correct or delete your data.
  • Withdraw consent to processing where applicable.

Requests can be sent to [email protected].

8. Changes to This Policy

We may update this policy from time to time. If changes are significant, we will notify you by email or through our service.

9. Contact

If you have any questions about this policy or how we handle your data, please contact us at [email protected].

Our Subprocessors

Below is the current list of subprocessors we use to deliver Preflight services, along with their purpose, location, and compliance information.

| Subprocessor | Purpose | Location | Compliance |
|---|---|---|---|
| Cloudflare | Content Delivery, Networking, DDoS protection | Global | ISO 27001, ISO 27018, ISO 27701, SOC 2 Type II |
| DigitalOcean | Cloud hosting & infrastructure | US/EU/UK | ISO 27001, SOC 2, GDPR |
| Postmark / MessageBird | Transactional email delivery | US/EU | GDPR, SOC 2 |
| Sentry | Error tracking | US/EU | GDPR, SOC 2 |
| Paddle | Billing & payments | US/EU | PCI-DSS, GDPR |

Cookies

Preflight observes GDPR and the ePrivacy Directive, using only strictly necessary cookies to manage authentication and customer sessions within the application.

Preflight does not currently use any first- or third-party cookies for other purposes.