Retane Privacy Policy

Last updated: 7 October 2025

Company: Retane (“Retane”, “we”, “us”, or “our”)
Contact: [email protected] | +44 7893 945245

Governing Law: England & Wales

1. Overview

This Privacy Policy explains how Retane collects, uses, and protects personal data when you visit our website, communicate with us, or use the Retane Platform.
It also outlines your rights under the UK GDPR and Data Protection Act 2018.

2. Roles

When we process data about our own users or website visitors, we act as the Data Controller.

When Clients use the Platform to manage their customers’ data, we act as the Data Processor.

3. Data Collected

As Controller
We collect: name, email, phone, business name, addresses, billing details, usage data, support records, and marketing preferences.

As Processor (Client Data)
Clients may store: customer names, emails, phones, addresses, job details, invoices, quotes, contracts, notes, reminders, and expenses.

Clients must not upload special category data without a lawful basis.

4. How We Use Data

Provide and secure the Platform – for account creation, login, and support.
Lawful basis: Contract

Billing – for payments and tax recordkeeping.
Lawful basis: Contract / Legal obligation

Security – for fraud monitoring and abuse prevention.
Lawful basis: Legitimate interests

Product improvement – for diagnostics, analytics, and feature performance.
Lawful basis: Legitimate interests

Marketing – to send product updates and offers.
Lawful basis: Consent or soft opt-in

5. Cookies

We use necessary cookies for login and session management, and optional analytics cookies to help us understand usage.
You can manage preferences in your browser.
Details are available at https://retane.co.uk/cookies.

6. Communications & Notifications

We send emails and SMS messages for:

Account setup and onboarding

Payment confirmations and invoices

Failed payment and renewal alerts

Account status changes (suspension, cancellation, etc.)

These are transactional communications required to deliver the service and cannot be opted out of while your account is active.
Marketing communications are optional and always include an unsubscribe or “STOP” option.

7. Sharing and Transfers

We share personal data only with carefully selected third-party providers that help us deliver the Platform, including hosting, payment processing, communication, and analytics services.
All such providers act as sub-processors under binding Data Processing Agreements.

A current list of material sub-processors is available on request by emailing [email protected]
Where data leaves the UK, we rely on the UK Addendum to the EU Standard Contractual Clauses or other lawful safeguards.

8. Retention & Deletion

Active accounts: data is kept for the subscription duration.

Cancelled accounts: held for 7 days, then permanently deleted and irrecoverable.

Failed payments: follow the same 7-day grace rule.

Returning users: receive a new blank account with no previous data restored.

Financial records: retained for 6 years (legal requirement).

9. Security

We use encryption in transit, multi-factor authentication, least-privilege access, regular backups, incident response plans, and vendor due diligence to protect your data.

10. Your Rights

You have the right to access, rectify, erase, restrict, or object to the processing of your personal data, as well as to data portability.
To exercise these rights, contact [email protected]

If your data sits under a Client account (where we act as Processor), we will forward your request to that Client.
You can also lodge complaints with the ICO: https://ico.org.uk/concerns.

11. Cancellation & Support

To cancel or manage your subscription, log into your Client Portal: https://retane.app.clientclub.net/login
If you lose your login details, contact us via https://retane.co.uk or email [email protected]

12. Changes to This Policy

We may update this Policy periodically.
The latest version will always be available at https://retane.co.uk/privacy-policy
Material changes will be notified to Clients by email.

13. Data Processing Agreement (DPA)

When you use Retane, you act as the Data Controller for any personal data you store about your customers. Retane acts as your Data Processor, handling that information only to provide the Platform.

Our full Data Processing Agreement (DPA) forms part of this Privacy Policy and outlines:

The subject matter, duration, and purpose of processing

The types of data and data subjects involved

The sub-processors we use (e.g., payment, email, hosting providers)

The technical and organisational measures we apply to protect that data

This DPA is legally binding under UK GDPR Article 28 and applies automatically when you confirm payment or use the Platform.

14. Governing Law
This Privacy Policy and all processing of personal data by Retane Ltd are governed by the laws of England and Wales.
Any disputes will be handled under the exclusive jurisdiction of the courts of England and Wales.