Privacy Policy

← Back to Home

1. Introduction

Strat Consulting Limited ("we", "our", "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: Strat Consulting Limited
Company Registration: 8868745
Registered Office: London, England

2. Information We Collect (Server vs. Local)

2.1 Information Sent to Our Servers

We only transmit the minimum required data to our backend servers to operate your account:

• Authentication and Authorisation Data: To provide secure access, we send and store your email address, encrypted password hashes, and OAuth tokens (e.g., Google Sign-In) on our secure backend servers.
• Payment Information: If you purchase a subscription, payment information is securely collected and processed directly by our third-party payment processor (Stripe). We do not store full credit card numbers on our servers.
• Contact form submissions: Name, company name, email address, and general enquiry details.

2.2 Information Kept Locally on Your Device (Zero-Data Retention)

Our Software Services (such as Stratbridge Suite) are built using a Zero-Data Retention Architecture. We explicitly reinforce that any data from files (such as ledgers or CSVs) uploaded to our tools stays entirely within your browser on your device. It is never sent to our servers. Because of this local-only processing, Strat Consulting Limited is not liable for the security, loss, or compromise of that local data on your personal device.

2.3 Information We Collect Automatically

When you visit our website, we may automatically collect Technical Data (IP address, browser type) and Usage Data. See our Cookie Policy for details.

3. How We Use Your Information

We process your server-stored personal data for the following purposes:

Purpose	Legal Basis (UK GDPR)
Authenticating and authorising access to Software Services	Contract performance
Responding to your enquiries and providing requested information	Legitimate interests / Contract
Sending service updates, security alerts, and support messages	Legitimate interests / Contract
Complying with legal obligations	Legal obligation

4. Data Sharing and Disclosure

4.1 No Third-Party Sharing

We will not share your personal data with any third party unless legally required to do so. We do not sell, rent, or trade your personal information for marketing purposes.

4.2 Essential Sub-Processors

To operate our business, we utilise essential third-party service providers (sub-processors) who assist us strictly under our instruction. These include:

• Cloud Hosting: Providers that host our applications and authentication databases (e.g., Render, Vercel).
• Payment Processors: Providers that securely process subscription payments (e.g., Stripe).
• Transactional Email: Platforms used to send secure password resets and verification emails (e.g., Resend).

5. International Data Transfers

Your personal data is primarily processed and stored within the United Kingdom and the European Economic Area (EEA). If we utilize sub-processors based outside these areas, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the UK Information Commissioner's Office.

6. Data Security

We implement appropriate technical and organisational measures to protect your server-side personal data, including SSL/TLS encryption, secure database access controls, and password complexity requirements.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• SaaS Account Data: Retained for the duration of your active account. If an account is deleted, personal data is purged within 30 days.
• Enquiry data: Up to 2 years from last contact.

8. Your Rights Under UK GDPR

You have rights including the Right of Access, Rectification, Erasure ("Right to be Forgotten"), Restriction, Data Portability, and the Right to Object. To exercise any of these rights, please contact us using the form below.

9. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. We will notify you of any material changes by posting the new policy on this page.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please use the form below.