1. Introduction
1.1 This privacy notice describes how we will collect, use, share and otherwise process your personal data in connection with your use of our application (App) and the services we provide through this (Services).
1.2 Our App and Services we provide are not intended for those under 13 years old and we do not knowingly collect data relating to children.
1.3 Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
Important information and who we are
2.1 We are Cybertrends Limited (we, us or our in this notice), a company incorporated in England and Wales, with registration number 10049207 and its registered office at Oakmoore Court 11c Kingswood Road Hampton Lovett, Droitwich, Worcestershire, United Kingdom, WR9 0QH and our email is contact@cybertrends.co.
3. Changes to the privacy notice and your duty to inform us of changes
3.1 We keep our privacy notice under regular review. This version was last updated on 3 December 2025. It may change and, if it does, those changes will be posted on this page and notified to you by push notification or when you next use the App. The new notice may be displayed on-screen and you may be required to read and acknowledge the changes to continue your use of the App or Services.
4. Third party links and sites
4.1 Our App and Services links to and from the websites of third parties. Please note that these websites (and any services accessible through them) are controlled by those third parties and are not covered by this privacy notice. You should review their own privacy notices to understand how they use your personal data before you submit any personal data to these websites or use these services.
5. The data we collect about you
5.1 We collect, use, store and transfer different kinds of personal data about you. To make it easier for you to use this privacy notice, we group these into the following categories below.
6. Categories of personal data
Contact Data: your name, email address and any other contact details and copies of the communications between you and us.
Content Data: information that you generate in your use of the App and Services.
Device Data: the type of device you use, your unique device identifier, network information, operating system, the browser you use, IP address, time zone setting.
Location Data: your current location as disclosed by your IP address
Personalisation Data: Device Data, Content Data, Transaction Data, Usage Data, Location Data, and the preferences we have inferred you have and use to personalise the App and Services.
Profile Data: your email address, identifiers, username and password.
Security Data: information we collect about your use of the App, our Services and our Sites in order to ensure your and our other users' safety and security, being Usage Data and the information provided to us by our payment processing provider.
Transaction Data: billing addresses, payment card details, history of your payments and purchases and the applicable terms and conditions of your purchases.
Usage Data: logs and detail of your use of our Apps and Services, being the dates and times on which you download, access and update the App and our Services, any error or debugging information, the resources that you access and the actions we and you take in relation to the.
7. Special category data
7.1 We do not intentionally collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).
8. How is your personal data collected?
8.1 We collect your personal data in the following ways:
Registration. We collect your Contact, Identity and Profile Data when you accept our terms and start using our App and Services.
Communications. When you communicate with us we collect your Contact and Profile Data.
Usage. Each time you use our App and Services we collect Content, Device, Personalisation, Profile and Usage Data. We collect Device, Personalisation, and Usage Data by monitoring the use of our App and Services.
Contact and Transaction Data from our providers of payment services being Stripe, which is subject to their privacy policy at https://stripe.com/privacy.
9. How we use your personal data
9.1 We will only use your personal data when we have a lawful basis to do so. Our lawful basis for each purpose for which we use your personal data is specified below. Most commonly we will use your personal data in the following circumstances:
Consent. Where you have freely consented before the processing in a specific, informed and unambiguous indication of what you want. You can withdraw your consent at any time by contacting us (see Your legal rights below).
Performance of a contract. Where we need to process your personal data to perform a contract with you or where you ask us to take steps before we enter into a contract with you under our terms of use.
Legitimate interest. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Legal obligation. Where we need to use your personal data to comply with a legal or regulatory obligation. Where we rely on legal obligation and you do not provide the necessary information, we may be unable to fulfil a right you have or comply with our obligations to you, or we may need to take additional steps, such as informing law enforcement or a public authority or applying for a court order.
Delivery and improvement of our App and purchases
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| To permit you to install the App and register you as a new user | Contact
Device | Legitimate interests (delivering our App to you) |
| To take steps towards providing you with services at your request, to process and fulfil in-App orders/purchases and deliver services to you, including managing payments and sending you service communications | Contact
Transaction
Device
Location | Performance of a contract |
Account management
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| Combining the information we collect about you into a single customer account profile | Contact | Legitimate Interests (to operate and develop our business and provide our App) |
Troubleshooting, improvement and security
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| To administer, monitor and improve our business, Services and this App including troubleshooting, data analysis and system testing | Contact
Device | Legitimate interests (for running our business, provision of administration and IT services, network security, maintaining the security of our App and Services, providing a secure service to users and preventing fraudulent and other misuse of our App) |
| Applying security measures to our processing of your personal data, including processing in connection with the App | All personal data under this privacy notice | Legal obligation (applying appropriate technical and organisational measures under Article 32 of the UK GDPR) |
| Otherwise monitoring use of the App and deploying appropriate security measures | Contact
Security | Legitimate interests (running our business, provision of administration and IT services, network security, maintaining the security of our App and services, providing a secure service to users and preventing fraudulent and other misuse of our App) |
Rights and obligations
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| To comply with our other legal obligations, including tax legislation, judicial, law enforcement and government authorities' requests | All personal data under this privacy notice | Legal obligation |
Cookies and personalisation
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| To operate our website. | Personalisation | Consent |
Other communications
| Purpose or activity | Type of personal data | Lawful basis for processing |
|---|
| To notify you of changes to the App, Services, your purchases and our terms and conditions for ongoing contracts | Contact | For ongoing or prospective contracts, Performance of a contract
Otherwise, Legitimate interests (in servicing our users and prospective users) |
| To notify you of updates to this privacy notice | Contact
Transaction | Legal obligation (to inform you of our processing under Articles 13 and 14 of the UK GDPR [and the EU GDPR]) |
| To respond to your requests to exercise your rights under this notice | As relevant to your request | Legal obligation (complying with data subject requests under Chapter 3 of the UK GDPR |
| To otherwise respond to your enquiries, fulfil your requests and to contact you where necessary | As relevant to your enquiry or request | Legitimate interests (service our users and prospective users) |
10. Automated decision making and profiling
10.1 We do not make decisions based solely on automated processing or profiling that produce legal effects concerning you (or have similarly significant effects).
11. Special category data
11.1 We will not normally or intentionally process special category data about you.
11.2 We will not normally or intentionally collect criminal offence data about you. However we may process data relating to criminal offences in monitoring the use of our App for security purposes, where we suspect you may have committed a crime, such as attempting to make a fraudulent purchase or claim or circumvent the security of the App or Services. In such circumstances we will provide that information to law enforcement and may use it to establish, exercise or defend a legal claim. In these circumstances we will rely on legitimate interests (protecting our business, employees and other users) and legal obligation (where required by legal, judicial or law enforcement to disclose or process that information).
12. Disclosures of your personal data
12.1 We may share your personal data with the following third parties:
External third parties. Service providers acting as processors based in the United Kingdom, European Union and the United States of America who provide technology and system administration services, hosting services to us, payment processing, fraud and identity verification providers, customer service support, email delivery and administration, and data storage and analysis.
Professional advisors. Lawyers, auditors, insurers, consultants and who provide legal, accounting and insurance services.
Your service providers. That we need to contact to fulfil your requests, such as your banking or payment card provider to process your transactions.
Corporate transactions. Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
Governmental authorities. Regulators, law enforcement, public authorities or other third parties where necessary to exercise our rights or comply with a legal obligation.
13. International transfers
13.1 Where we transfer your personal data between the UK and the EEA those transfers are made pursuant to the UK government's adequacy decision in favour of countries in the EEA and the European Commission's adequacy decision in favour of the UK.
13.2 Whenever we transfer your personal data out of the UK we ensure a similar degree of protection is afforded to it by ensuring that we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
13.3 Where we use certain service providers located outside the UK, we use specific contracts approved by the UK which give personal data the same protection it has in the UK.
13.4 Please contact us using the contact details above if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
14. Data security
14.1 All information you provide to us is stored on our secure servers located in the United Kingdom, European Union and the United States of America.
14.2 Any payment transactions carried out by us or our chosen third-party provider of payment processing services, Stripe, will be encrypted using Secured Sockets Layer (SSL) technology. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our App or Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
14.3 Once we have received your information, we will use strict procedures and security features to protect your personal data from loss, unauthorised use or access.
14.4 We will collect and store personal data on your device using application data caches and browser web storage (including HTML5) and other technology.
14.5 We have put in place procedures to detect and respond to personal data breaches and notify you and any applicable regulator when we are legally required to do so.
15. Data retention
15.1 By law we have to keep basic information about our customers (including Contact, Identity, Security and Transaction Data) for six years after they cease being customers for tax purposes.
15.2 Once we no longer have a legal right to hold your personal data, we will delete or, in some circumstances, we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
15.3 If you do not use the App for a period of on year then we will treat the account as expired and will delete your personal data.
16. Your legal rights
16.1 You have the following rights under data protection laws in relation to your personal data.
Access. Request access to and/or a copy of the personal data we process about you (commonly known as a data subject access request). This enables you to check that we are lawfully processing it.
Correction. Request correction of any incomplete or inaccurate data we hold about you. (We may need to verify the accuracy of the new data you provide to us.)
Deletion. Request us to delete or remove personal data where there is no good reason for us continuing to process it. You also can ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we have processed your information unlawfully or where we need to erase your personal data to comply with law. (In some cases, we may need to continue to retain some of your personal data where required by law. If these apply, we will notify you at the time of our response.)
Objection. Object to us processing your personal data where (a) we are relying on legitimate interests as the lawful basis and you feel the processing impacts on your fundamental rights and freedoms, or (b) the processing is for direct marketing purposes. In some cases, we may refuse your objection if we can demonstrate that we have compelling legitimate grounds to continue processing your information which override your rights and freedoms.
Restriction. Request that we restrict or suspend our processing of your personal data:
if you want us to establish the data's accuracy; where our use of the data is unlawful, but you do not want us to erase it; where we no longer require it, but you need us to hold onto it to establish, exercise or defend legal claims; or you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
Data portability. Request we transfer certain of your personal data to you or your chosen third party in a structured, commonly used, machine-readable format. This right only applies to information processed by automated means that we process on the lawful bases of consent or performance of a contract.
Withdraw consent. Withdraw your consent at any time where we are relying on consent to process your personal data. Please know that this does not affect the lawfulness of any processing carried out before you withdraw your consent, and after withdrawal, we may not be able to provide services to you. We will advise you if this is the case at the time you withdraw your consent.
17. Complain to the data protection regulator.
17.1 If you are unhappy with how we process your personal data, you should contact us first using privacy@cybertrends.co so that we have the chance to put it right. However, you also have the right to make a complaint to the ICO.