Privacy Policy

Effective date: 2025-07-21

1. Introduction

• 1.01 Welcome to Get Repped Ltd.
• 1.02 Get Repped Ltd (“us”, “we”, or “our”) operates the website www.getrepped.co.uk (the “Service”).
• 1.03 This Privacy Policy governs your use of the Service and explains how we collect, safeguard, and disclose information that results from your use.
• 1.04 We use your data to provide and improve the Service. By using the Service, you agree to the practices described here.
• 1.05 Unless otherwise defined, terms in this Privacy Policy have the same meanings as in our Terms and Conditions.
• 1.06 Our Terms and Conditions (“Terms”) and this Privacy Policy together form our agreement with you (“Agreement”).
• 1.07 Get Repped Ltd is incorporated in England & Wales. Registered office: 124 City Road, London, EC1V 2NX, United Kingdom.

2. Definitions

• 2.01 SERVICE: www.getrepped.co.uk operated by Get Repped Ltd.
• 2.02 PERSONAL DATA: Information relating to an identified or identifiable natural person.
• 2.03 USAGE DATA: Data collected automatically through the Service (e.g. page-visit duration).
• 2.04 COOKIES: Small text files stored on your device.
• 2.05 DATA CONTROLLER: The entity that determines purposes and means of processing Personal Data (Get Repped Ltd).
• 2.06 DATA PROCESSOR: A third party processing data on behalf of the Data Controller.
• 2.07 USER / DATA SUBJECT: The individual using the Service and to whom Personal Data relates.

3. Information Collection and Use

• 3.01 We collect several types of information to provide and improve our Service.

4. Types of Data Collected

• 4.01 Personal Data you provide: Email address; first & last name; phone number; postal address (country, county/state, city, postcode); and similar identifiers.
• 4.02 Usage Data: IP address; browser type/version; pages visited; timestamps; session duration; device identifiers; diagnostic data.
• 4.03 Tracking Technologies: We use cookies, beacons, tags, and scripts to track activity and improve the Service.
• 4.04 Cookies We Use:
  • sessionid (getrepped.co.uk) – maintains your logged-in session – expires end of browser session
  • csrftoken (getrepped.co.uk) – CSRF protection – expires 12 months
  • cookie_consent (getrepped.co.uk) – remembers cookie preferences – expires 6 months
  • _ga (Google Analytics) – distinguishes unique users – expires 2 years
  • _gid (Google Analytics) – distinguishes unique users – expires 24 hours
• 4.05 Other Data (optional): Demographic or professional details you choose to supply (e.g. date of birth, education, employment agreements, NDAs, bonuses, marital status, taxpayer ID).

5. Use of Data

• 5.01 Provide and maintain the Service.
• 5.02 Notify you about changes to the Service.
• 5.03 Enable interactive features at your request.
• 5.04 Provide customer support.
• 5.05 Gather analysis to improve the Service.
• 5.06 Monitor usage.
• 5.07 Detect, prevent, and address technical issues.
• 5.08 Fulfil the purpose for which you provide data.
• 5.09 Enforce contractual rights (e.g. billing, collection).
• 5.10 Send account or subscription notices.
• 5.11 Send marketing or promotional material you have opted in to receive (opt-out anytime).
• 5.12 Legitimate interests, balanced against your rights (analytics, security, improvement).
• 5.13 Compliance with UK legal obligations.
• 5.14 Any other purpose described when you provide information, or with your consent.

6. Retention of Data

• 6.01 Personal Data is retained only as long as necessary for the purposes above or as required by law.
• 6.02 Usage Data is generally kept for a shorter period unless needed for security or Service improvement.

7. Transfer of Data

• 7.01 If you are outside the UK, your data will be transferred to—and processed in—the UK. By submitting data, you agree to this transfer.
• 7.02 We ensure appropriate safeguards (e.g. adequacy decisions or standard contractual clauses) for any onward transfer outside the UK.

8. Disclosure of Data

• 8.01 Law Enforcement: We may disclose Personal Data if required by law or valid request.
• 8.02 Business Transaction: Personal Data may be transferred in a merger, acquisition or asset sale.
• 8.03 Other Cases:
  • To subsidiaries and affiliates
  • To contractors and service providers supporting our business
  • To fulfil the purpose for which you provide it
  • To include your company’s logo on our site (if you supply it)
  • As disclosed when you provide the data
  • With your consent
  • To protect rights, property or safety of Get Repped Ltd, users or others

9. Security of Data

• 9.01 We use commercially acceptable security measures (encryption, access control). No method of transmission or storage is 100 % secure.

10. Authentication and OAuth

• 10.01 Our Service may let you log in or register using third-party authentication providers (e.g. Google or Microsoft OAuth). When you connect, we receive information (such as name and email) as allowed by that provider’s privacy settings. We use this only to facilitate your login and use of the Service.
• 10.02 Security of OAuth Tokens: Any OAuth tokens or credentials that allow our Service to interact with your third-party account are stored securely in encrypted form. Administrators cannot view these tokens and cannot use them to access your accounts. Tokens are used only as needed to provide authorised functionality.
• 10.03 User Responsibility to Revoke Access: You may revoke our Service’s access to your third-party account at any time (e.g. via Google or Microsoft account settings). It is your responsibility to revoke access if you stop using the integration or believe your account security is at risk.

11. Your Data Protection Rights (UK GDPR)

• 11.01 Access – request a copy of your Personal Data.
• 11.02 Rectification – correct inaccurate or incomplete data.
• 11.03 Erasure – request deletion (“right to be forgotten”).
• 11.04 Restriction – limit processing.
• 11.05 Portability – receive data in machine-readable format.
• 11.06 Objection – object to processing based on legitimate interests.
• 11.07 Withdraw Consent – at any time without affecting prior processing.
• 11.08 Complain – lodge a complaint with the UK ICO (ico.org.uk).

12. Service Providers

• 12.01 We employ third-party companies and individuals to facilitate the Service, perform Service-related services or assist in analysis. They access Personal Data only to perform tasks on our behalf and are contractually bound to confidentiality.

13. Analytics

• 13.01 We use Google Analytics to monitor and analyse usage. You can opt-out with the Google Analytics opt-out add-on.

14. CI/CD Tools

• 14.01 We use third-party Continuous Integration / Continuous Deployment platforms to automate development; these process code and infrastructure, not Personal Data.

15. Behavioural Remarketing

• 15.01 We may use remarketing services to advertise on third-party sites after you visit our Service. We and our vendors use cookies to inform, optimise and serve ads based on past visits.

16. Payments

• 16.01 If we provide paid products or services, payments are processed by PCI-DSS-compliant third-party processors. We do not store card details.

17. Links to Other Sites

• 17.01 Our Service may contain links to external sites not operated by us. We are not responsible for their content or privacy practices; please review their policies.

18. Children’s Privacy

• 18.01 The Service is prohibited for children under 13.
• 18.02 Users aged 13–17 may use the Service only with parental or guardian supervision.
• 18.03 If you become aware that a child has provided us with Personal Data, contact support@getrepped.co.uk; we will promptly delete such data.

19. Changes to This Privacy Policy

• 19.01 We may update this policy periodically. We will post the new version and update the “Effective date”.
• 19.02 Where required, material changes will be notified by email or prominent notice.

20. Contact Us

• 20.01 Email: support@getrepped.co.uk
• 20.02 Post: Get Repped Ltd, 124 City Road, London, EC1V 2NX, United Kingdom