1. Who we are and how to contact us
Mediacle Limited (company number 08757407), 16 Upper Woburn Place, London, WC1H 0BS, United Kingdom, is the controller. For any privacy question or to exercise your rights, contact [email protected].
2. Personal data we collect
Depending on how you interact with us, we may collect:
- Account and business contact data: name, business email, job title, employer, telephone number, and account credentials.
- Billing and transaction data: billing contact, billing address, VAT details, subscription and payment records. Card and payment details are collected and processed by our payment processor, Stripe; we do not store full card numbers.
- Service usage and audit data: log-in records, activity within the Service, audit logs, IP address, device and browser information, and support interactions.
- Website and cookie data: information collected through cookies and similar technologies as described in our Cookie Policy, including analytics data.
- Marketing data: your contact details and preferences where you sign up for communications or where we contact you on a business basis.
- Communications: the content of emails, support tickets and other correspondence with us.
We do not intend to collect special category personal data through the Service’s account and administration functions. Please do not send us special category data except where necessary and lawful.
3. How we collect personal data
We collect personal data: directly from you (when you register, subscribe, contact us or use the Service); automatically (through your use of the Website and Service, including cookies and logs); and from third parties (such as Stripe for payment confirmation, and business or analytics providers).
4. Why we use personal data and our lawful bases
| Purpose | Lawful basis |
|---|---|
| To create and administer accounts and provide the Service | Performance of a contract |
| To take payment and manage billing (via Stripe) | Performance of a contract; legal obligation |
| To provide support and respond to enquiries | Performance of a contract; legitimate interests |
| To secure the Service, maintain audit logs and prevent misuse | Legitimate interests (security and integrity); legal obligation |
| To improve and develop the Service, including through aggregated and anonymised data | Legitimate interests (improving our products) |
| To send service and administrative messages | Performance of a contract; legitimate interests |
| To send business marketing about MARC | Legitimate interests or consent, as applicable |
| To comply with legal, accounting and regulatory obligations | Legal obligation |
| To establish, exercise or defend legal claims | Legitimate interests |
Where we rely on legitimate interests, we have assessed that our interests are not overridden by your interests or rights. You may ask us about this assessment.
5. Marketing
We may send business-to-business marketing about MARC to relevant contacts, relying on legitimate interests or consent as required by law. You can opt out at any time using the unsubscribe link in our emails or by contacting [email protected]. Opting out of marketing does not stop service and administrative messages.
7. International transfers
Some of our providers are located outside the United Kingdom, principally in the United States (including Anthropic, OpenAI and Stripe). Where we transfer personal data outside the UK, we rely on an appropriate safeguard, such as UK adequacy regulations, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, together with additional measures where needed. You can request more information about the safeguards we use by contacting [email protected].
8. Retention
We keep personal data only for as long as necessary for the purposes described, including to provide the Service, meet legal, accounting and tax obligations (generally at least six years for financial records), resolve disputes and enforce our agreements. Account and usage data is generally retained for the duration of the customer relationship and for a reasonable period afterwards, after which it is deleted or anonymised.
9. Security
We maintain appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage, including access controls, encryption in transit, audit logging and supplier due diligence. No system is completely secure, and we cannot guarantee absolute security.
10. Your rights
Subject to applicable law, you have rights to: access your personal data; request correction; request erasure; restrict or object to processing; data portability; and withdraw consent where processing is based on consent. Where we process personal data as a processor on a customer’s behalf, requests should be directed to that customer as the controller.
To exercise your rights, contact [email protected]. We may need to verify your identity. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk, although we would welcome the chance to address your concerns first.
12. Changes to this Policy
We may update this Policy from time to time. The current version is published on the Website with the date it was last updated. Material changes will be notified where appropriate.
13. Contact
Questions about this Policy or our data practices: [email protected], or Mediacle Limited, 16 Upper Woburn Place, London, WC1H 0BS.
Questions about this page? Email [email protected] or write to Mediacle Limited, 16 Upper Woburn Place, London, WC1H 0BS United Kingdom