Privacy Policy

Last updated: January 28, 2026

Privacy Policy

Last updated: 28 January 2026

SauceStack Ltd ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

SauceStack Ltd is a company registered in England and Wales. We operate in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

1.1 Personal Information

When you register for an account or use our services, we may collect:

  • Name and contact details (email address, phone number)
  • Account credentials and authentication data
  • Billing information and payment details
  • Company name and business information
  • Profile information you choose to provide

1.2 Usage Data

We automatically collect certain information when you use our platform:

  • Device information (browser type, operating system, device identifiers)
  • IP address and approximate location
  • Pages visited and features used
  • Time spent on the platform and interaction patterns
  • Error logs and performance data

1.3 Content Data

We store the content you create using our services, including documents, projects, tickets, forms, and any other data you input into the platform.

2. How We Use Your Information

We use your information for the following purposes:

  • To provide, maintain, and improve our services
  • To process transactions and send related information
  • To send administrative messages, updates, and security alerts
  • To respond to your comments, questions, and support requests
  • To analyse usage patterns and improve user experience
  • To detect, prevent, and address technical issues and fraud
  • To comply with legal obligations

3. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services to you
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our services and preventing fraud
  • Legal Obligation: Processing required to comply with applicable laws
  • Consent: Where you have given explicit consent for specific processing activities

4. Data Sharing and Disclosure

We may share your information with:

  • Service providers who assist in operating our platform (hosting, payment processing, analytics)
  • Professional advisers (lawyers, accountants, auditors) where necessary
  • Law enforcement or regulatory bodies when required by law
  • Potential buyers in the event of a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

5. International Data Transfers

Your data may be stored and processed in the European Union. Where we transfer data outside the UK, we ensure appropriate safeguards are in place, including:

  • EU adequacy decisions recognised by the UK
  • Standard Contractual Clauses approved by the Information Commissioner's Office (ICO)
  • Binding Corporate Rules where applicable

6. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfil the purposes described in this policy. When you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal, accounting, or reporting purposes.

7. Your Rights

Under UK data protection law, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of processing
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Where processing is based on consent

To exercise any of these rights, please contact us at [email protected].

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication measures
  • Employee training on data protection
  • Incident response procedures

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. For detailed information about the cookies we use, please see our Cookie Policy.

10. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. Visit ico.org.uk for more information.