Privacy & Data Governance Policy

Ruleframe Limited is the controller of the personal information covered by this notice.

If you have questions about this notice or want to exercise your data protection rights, contact us at hello@ruleframe.io or write to UNIT 501 LEROY HOUSE 434-436 ESSEX ROAD LONDON UNITED KINGDOM N1 3FY.

We collect information you provide directly, information needed to process payments and provide services, and technical information created when you use our website or apps.

The information we collect depends on how you interact with us, but is generally limited to what is reasonably necessary to operate the business, deliver services, prevent fraud, and meet legal obligations.

• Identity and contact information such as name, email address, billing address, and correspondence.
• Account and transaction information such as order history, subscription status, invoices, payment confirmations, and refund records.
• Technical information such as IP address, browser type, device information, log data, and security events.
• Support information you provide when asking for assistance, requesting a refund, or reporting an issue.

We use personal information to operate our website and apps, fulfil purchases, manage subscriptions, provide support, send service communications, prevent fraud, keep records, and comply with legal requirements.

Under UK data protection law, we generally rely on contract, legitimate interests, legal obligations, and consent where consent is specifically required.

• Contract: to create accounts, deliver digital products or services, process payments, and administer subscriptions.
• Legitimate interests: to secure our systems, improve performance, prevent abuse, and manage customer relationships.
• Legal obligation: to keep tax, accounting, fraud-prevention, and regulatory records.
• Consent: where we rely on consent for optional marketing or non-essential technologies.

We share personal information only where necessary to run the business, process payments, deliver services, or comply with the law.

Our service providers process information on our behalf under appropriate contractual and security controls.

• Payment processors including Stripe for payment handling, fraud screening, and refunds.
• Hosting, infrastructure, analytics, and communication providers that help us operate the website and apps.
• Professional advisers, regulators, law enforcement, or courts where disclosure is legally required or necessary to protect rights and prevent fraud.

We keep personal information only for as long as necessary for the purposes described in this notice, including support, security, compliance, accounting, and dispute-handling.

For example, customer service records may be kept for a limited support period, while tax and accounting records may be retained for longer where required by law. We use reasonable technical and organisational measures to protect personal information.

Some suppliers may process information outside the UK. Where that happens, we use appropriate safeguards required under applicable data protection law.

If you would like more detail about specific retention periods or transfer safeguards, contact us at hello@ruleframe.io.

Depending on the circumstances, you may have rights to access, correct, erase, restrict, object to, or request transfer of your personal information, and to withdraw consent where consent is the lawful basis.

You can contact us using the details above. You also have the right to complain to the Information Commissioner's Office if you believe your personal data has been handled unlawfully.

ICO: https://ico.org.uk