Privacy Policy

Recurvia is a UK-based SaaS platform for trade businesses. References to "we", "us", or "our" in this Privacy Policy mean Recurvia. Our contact address for privacy matters is legal@recurvia.app.

This Privacy Policy explains how we collect, use, store, and share personal data when you use our website at recurvia.app and the Recurvia platform (together, the "Service"). It covers our activities as a data controller — that is, where we determine the purposes and means of processing.

Where we process personal data on your behalf as part of operating the Service (for example, Landlord Contact Data you upload), we act as your data processor. That processing is governed by the Data Processing Agreement at recurvia.app/dpa, not this Policy.

Account and registration data: your name, email address, business name, and any other information you provide when creating or updating your Account.

Billing data: payment method details , billing address, VAT number if provided, and transaction history.

Usage and technical data: IP address, browser type, device identifiers, pages visited, features used, session duration, error logs, and similar information collected automatically when you use the Service.

Communications: messages you send us via email, support channels, or in-app feedback forms.

Cookies and tracking: we use cookies and similar technologies for authentication, session management, and understanding how the Service is used. See the Cookies section below.

To provide and operate the Service: including account management, delivering features, processing payments, sending transactional emails (account confirmation, billing receipts, password resets), and providing support.

To improve the Service: analysing usage patterns, diagnosing errors, and developing new features. We may use anonymised or aggregated data for this purpose.

To communicate with you: sending product updates, important notices about your Account, or changes to these terms. Where required by law, we will ask for your consent before sending marketing messages.

To comply with legal obligations: retaining records as required by law, responding to lawful requests from authorities, and enforcing our Terms of Service.

To protect the Service and our users: detecting and preventing fraud, abuse, spam, and security incidents.

We process your personal data on the following lawful bases under UK GDPR:

Contract: processing necessary to provide the Service you have signed up for, including account administration and billing.

Legitimate interests: improving the Service, detecting abuse, securing the platform, and communicating about important account matters — where our interests are not overridden by your rights.

Legal obligation: retaining records as required by UK law, including tax and accounting obligations.

Consent: where we send optional marketing communications, or where we use non-essential cookies. You may withdraw consent at any time.

We do not sell your personal data. We share personal data with third parties only in the following circumstances:

Service providers: we use third-party providers to operate the Service, including cloud hosting, payment processing , email infrastructure, error monitoring, and analytics. These providers act as our processors and are bound by data processing agreements.

Legal requirements: we may disclose personal data if required by law, court order, regulation, or to protect the rights, property, or safety of Recurvia, our users, or others.

Business transfers: if Recurvia is acquired, merged, or transfers its assets, personal data may be transferred as part of that transaction. We will notify you of any such change.

The Service may process personal data outside the UK, including in the European Economic Area and the United States, where our third-party providers operate. Where such transfers occur, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or equivalent mechanisms.

We retain personal data for as long as your Account is active or as needed to provide the Service. We also retain data as necessary to comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If you close your Account, we will delete or anonymise your personal data within 30 days, subject to exceptions for legal retention requirements, billing records, security logs, suppression records, and audit trails.

Under UK GDPR, you have the following rights regarding your personal data:

Access: request a copy of the personal data we hold about you.

Rectification: request that we correct inaccurate or incomplete data.

Erasure: request deletion of your personal data where we no longer have a lawful basis to retain it.

Restriction: request that we limit how we use your data in certain circumstances.

Portability: request your data in a structured, machine-readable format.

Objection: object to processing based on legitimate interests, including for direct marketing.

Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at legal@recurvia.app. We will respond within one month. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

We use cookies and similar technologies to operate the Service. These include:

Essential cookies: required for authentication, session management, and security. These cannot be disabled without breaking the Service.

Analytics cookies: used to understand how the Service is used so we can improve it. These may be provided by third-party analytics services.

You can manage cookies through your browser settings. Disabling non-essential cookies will not affect your core use of the Service.

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS), access controls, and regular security reviews. No system is completely secure, and we cannot guarantee absolute security.

You are responsible for keeping your Account credentials secure and for any activity under your Account.

The Service is intended for business users aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected such data, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The date at the top of this page reflects when the Policy was last updated. Continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

For privacy-related questions, requests, or complaints, contact us at: legal@recurvia.app

We aim to respond to all privacy requests within one month.