Privacy Policy

1. Introduction

EPSee ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our EPC compliance monitoring service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, phone number, company name
• Property Information: Addresses, postcodes, EPC certificates, property details
• Payment Information: Billing details (processed securely through Stripe)
• Communication Data: Messages, support requests, and correspondence with us

2.2 Information Automatically Collected

• Usage Data: Pages visited, features used, time spent on the platform
• Device Information: IP address, browser type, operating system
• Cookies: Session data, preferences, and analytics (see Cookie Policy below)

3. How We Use Your Information

We use your information to:

• Provide and maintain our EPC monitoring service
• Send expiry alerts and compliance notifications
• Process payments and manage subscriptions
• Retrieve EPC data from the UK Government EPC Register
• Improve our service and develop new features
• Respond to support requests and communicate with you
• Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

• Service Providers: Stripe (payment processing), AWS (hosting), email service providers
• Government Databases: UK EPC Register (to retrieve property EPC data)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of sensitive data at rest
• Regular security audits and monitoring
• Access controls and authentication
• Secure payment processing through PCI-compliant providers

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: Data retained while your account is active
• Deleted Accounts: Personal data deleted within 90 days of account closure
• Legal Requirements: Some data may be retained longer if required by law (e.g., financial records)

7. Your Rights (UK GDPR)

Under UK data protection law, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we use your data
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing of your data
• Automated Decisions: Not be subject to solely automated decision-making

To exercise these rights, contact us at privacy@epsee.io

8. Cookies

We use essential cookies to:

• Maintain your session and keep you logged in
• Remember your preferences
• Analyze site usage (anonymized)

You can control cookies through your browser settings. Note that disabling cookies may affect site functionality.

9. Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any information.

10. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through a prominent notice on our service. Continued use of EPSee after changes constitutes acceptance of the updated policy.