← DataDeadline
Draft — not yet reviewed by a solicitor. This document is a starting point and must be professionally reviewed before use with real customers. Version 2026-07-13.

Privacy Policy

DRAFT — this document has NOT been reviewed by a solicitor. It is a starting point only and must be professionally reviewed before use with real customers.

Version 2026-07-13

This policy explains how DataDeadline handles personal data, in line with the UK GDPR transparency requirements (Articles 13 and 14).

Who we are

DataDeadline ("we", "us") provides software that helps businesses receive, track and respond to data-rights requests.

Our two roles

controller and this policy applies.

business's form, that business is the controller and we act only as its processor — governed by our Data Processing Agreement, not this policy.

What we collect (as controller)

password.

Why we use it, and our lawful basis

legitimate interests in running the service safely.

Cookies

We use only a strictly necessary session cookie to keep you signed in. See the Cookie Policy for details.

Sharing and sub-processors

We use sub-processors (for example hosting and email providers) under contract. We do not sell personal data. We do not share it except as needed to provide the service or where required by law.

International transfers

We do not transfer your personal data outside the UK without an appropriate safeguard in place.

Retention

We keep account data while your account is active and for a reasonable period afterwards, then delete or anonymise it.

Your rights

You have the right to access, rectify, erase, restrict, port or object to the processing of your personal data, and to withdraw consent where relevant. To exercise these, contact us using the details below. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

Security

We encrypt personal data at rest, hash passwords, and isolate each customer's data. See SECURITY.md for detail and current limitations.

Contact

amiinking415@gmail.com

(Consider using a dedicated address such as privacy@yourdomain once you have your own domain.)