Privacy Policy

1. Information We Collect

Voluntarily Provided Information

Information you actively provide to us, including when you create an account, subscribe to a plan, contact us, submit feedback, or join our mailing list. This may include:

• Full name
• Email address
• Business name
• Business address
• Billing information
• Account login details
• Content you input into the platform (e.g., ingredient costs, recipes, pricing data)

Automatically Collected Information

When you use our website or platform, we may automatically collect:

• IP address
• Browser type and version
• Device type
• Pages visited
• Time and date of visit
• Referring URL
• Usage behaviour within the platform
• Error logs and performance data

This data helps us improve performance, reliability, and security.

2. How We Use Your Information

We collect and use your personal data for the following purposes:

• To provide and operate the ProfitPour platform
• To manage user accounts
• To process payments
• To provide customer support
• To improve product features
• To monitor usage and performance
• To send service-related communications
• To send marketing communications (with consent)
• To comply with legal obligations

We do not sell your personal data.

3. Lawful Bases for Processing (UK GDPR)

We rely on the following lawful bases:

Contractual Necessity

Processing required to provide your account and subscription.

Legitimate Interests

Improving our product, security, fraud prevention, analytics, and business development.

Consent

For marketing communications and non-essential cookies.

Legal Obligation

Where required to comply with tax, accounting, or regulatory requirements.

4. Cookies & Analytics

We use cookies and similar technologies to ensure website functionality, analyse usage, improve user experience, and support marketing activity.

We may use third-party services such as:

• Google Analytics
• Vercel (hosting)
• Supabase (database and authentication)
• Stripe (payment processing)

You can control cookie settings through your browser.

5. Payments

Payments are processed securely via third-party payment providers such as Stripe Payments Europe Ltd. We do not store full payment card details on our servers.

6. Data Storage & Security

We store data using secure cloud infrastructure providers. We implement:

• Encryption in transit (HTTPS/SSL)
• Access controls
• Authentication protections
• Secure database storage
• Regular monitoring

While we take commercially reasonable steps to protect your information, no system is 100% secure.

7. Data Retention

We retain personal data:

• For as long as your account is active
• For legal and accounting obligations (typically 6–7 years for financial records)
• Until you request deletion (where applicable)

If you close your account, we may retain limited information where legally required.

8. International Data Transfers

Some of our service providers may process data outside the UK. Where this occurs, we ensure adequacy regulations apply, or Standard Contractual Clauses (SCCs) are in place. All transfers comply with UK GDPR requirements.

9. Your Rights Under UK GDPR

You have the right to:

• Be informed about how your data is used
• Access your personal data
• Correct inaccurate data
• Request erasure (where applicable)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with the ICO

To exercise your rights, contact us at the details below.

10. Data Breaches

If we become aware of a data breach affecting your personal data, we will investigate promptly, notify affected users where required, and report to the Information Commissioner's Office (ICO) where legally necessary.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

12. Business Transfers

If ProfitPour Ltd is acquired or merged, user data may be transferred as part of the transaction, subject to confidentiality obligations.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are significant, we will notify registered users.

14. Contact Details