CredeeApp Privacy Policy

EFFECTIVE DATE: MARCH 1st, 2026

Privacy Policy

1. Our Approach to Privacy

1.1 This Privacy Policy explains how Credee Ltd (“Credee Ltd”, “CredeeApp”, “we”, “us”, or “our”) collects, uses, stores, shares, and otherwise processes personal data relating to individuals who access or use the CredeeApp platform, website, software, and related services, as well as information regarding our use of cookies and similar technologies.

1.2 CredeeApp is a software platform owned and operated by Credee Ltd. The CredeeApp platform is made available through our website at https://credeeapp.co.uk, related applications, and other products and services we may make available from time to time (together, the “CredeeApp Service”).

1.3 This Privacy Policy applies to the personal data processed in connection with the CredeeApp Service.

1.4 Please read this Privacy Policy carefully before using the CredeeApp Service. It explains how we process personal data and the rights available to you under applicable data protection laws. Where consent is required by law, we will request it separately.

2. Personal Information We Collect About You and How We Use It

2.1 Information you provide to us

We collect personal data that you voluntarily provide to us when you:

  • create an account or subscribe to the CredeeApp Service;
  • complete forms on our website;
  • communicate with us by email, phone, or other means;
  • use features of the Service, including account setup, billing, or customer management tools; or
  • participate in surveys, promotions, or support requests.

This may include your name, email address, contact details, business information, and any other information you choose to provide.

2.2 Failure to provide data

Where we require personal data to provide the Service, and you do not provide such data, we may not be able to provide the Service or respond to your requests.

2.3 Information received from third parties

We may receive personal data about you from:

  • Subscribers (for example, where you are added as an Authorized User or client);
  • third-party service providers, including payment processors (such as Stripe), analytics providers, hosting providers, and technical partners;
  • publicly available sources or other services you interact with.

Such data is processed in accordance with applicable law and, where relevant, your agreements with those third parties.

2.4 Legal basis for processing

We process personal data only where we have a valid legal basis to do so under applicable data protection laws, including:

  • performance of a contract (to provide the Service);
  • compliance with legal obligations;
  • legitimate interests (such as improving our Service, ensuring security, and preventing fraud), provided such interests are not overridden by your fundamental rights and freedoms; and
  • consent, where required under applicable law.

Where processing is based on legitimate interests, we carry out appropriate assessments to ensure that such processing is fair, necessary, and proportionate.

2.5 Automatically collected information

We automatically collect certain technical and usage information when you access or use the Service, including:

  • IP address;
  • device type, browser type, and operating system;
  • usage data, logs, and interaction data;
  • cookies and similar technologies (see Section [Cookies]).

2.6 Combining information

We may combine personal data collected from different sources to improve the functionality, security, and user experience of the Service.

2.7 Aggregated and anonymised data

We may anonymise and aggregate personal data so that it no longer identifies any individual. Such data may be used for analytics, research, service improvement, and business purposes, and may be shared with third parties.

2.8 Payment-related data (Stripe compliance)

Where you use payment-related features within the Service:

  • payment processing is carried out by third-party providers such as Stripe;
  • we do not store or process full payment card details;
  • we may receive limited transaction data (such as payment status, amounts, and identifiers) from the payment provider;
  • such data is used solely for billing, reconciliation, fraud prevention, and compliance purposes.

2.9 Controller and Processor roles

  • Credee Ltd acts as a data controller for personal data processed for its own business purposes (such as account management, billing, and support).
  • Where personal data is processed on behalf of Subscribers through the Service, Credee Ltd acts as a data processor and processes such data only in accordance with the Subscriber’s instructions.

2.10 Financial and Payment Compliance

Credee Ltd does not provide regulated financial services and does not act as a payment institution, e-money institution, or financial intermediary. All payment processing, settlement, and handling of funds are performed by authorised third-party payment providers (such as Stripe) in accordance with their regulatory obligations. Subscribers are solely responsible for ensuring compliance with any financial, tax, or regulatory requirements applicable to their use of payment features.

2.11 Data minimisation

We collect and process only the personal data that is necessary for the purposes described in this Privacy Policy and in accordance with the principle of data minimisation under applicable data protection laws.

3. Disclosure of Your Personal Information

3.1 Sharing with service providers and partners

We may share your personal data with:

  • companies within our corporate group (including affiliates and subsidiaries); and
  • trusted third-party service providers who assist us in operating the Service.

Such third parties may include:

(a) business partners, vendors, suppliers, and subcontractors who provide services such as hosting, infrastructure, customer support, and technical operations;

(b) analytics providers and search engine providers that help us improve and optimize the Service;

(c) credit reference agencies, where necessary to assess creditworthiness as part of a contractual relationship; and

(d) payment service providers, including Stripe Payments or its affiliates (“Payment Processor”), for the purpose of processing payments, fraud prevention, and compliance with financial regulations.

These third parties are permitted to use personal data only as necessary to provide services to us and are subject to contractual obligations to protect personal data in accordance with applicable data protection laws.

Credee Ltd remains responsible for ensuring that appropriate safeguards are in place where personal data is processed on its behalf.

We may maintain a list of key subprocessors used in delivering the Service, which may be made available upon reasonable request.

3.2 Payment processing (Stripe-specific transparency)

Where payment functionality is used:

  • payment transactions are processed directly by the Payment Processor (e.g., Stripe);
  • personal and financial data required to process payments may be shared with the Payment Processor;
  • such processing is governed by the Payment Processor’s own privacy policy and terms; and
  • Credee Ltd does not store or have access to full payment card details.

3.3 Legal disclosures

We may disclose personal data where required to do so by law or where we reasonably believe such disclosure is necessary to:

  • comply with legal obligations, court orders, or regulatory requirements;
  • enforce our Terms and other agreements;
  • prevent fraud, financial crime, or security threats; or
  • protect the rights, property, or safety of Credee Ltd, our users, or others.

This may include sharing information with law enforcement agencies, regulators, or fraud prevention organisations.

3.4 Public forums and user-generated content

Our Service may include publicly accessible areas (such as blogs, forums, or social media features). Any information you submit in such areas may be publicly visible and may be collected or used by others.

If you wish to request removal of your personal data from such areas, please contact us at support@credeeapp.co.uk. We will assess such requests in accordance with applicable law, although removal may not always be possible.

3.5 Testimonials and endorsements

With your consent, we may publish testimonials or reviews on our website. You may request the update or removal of your testimonial at any time by contacting us at support@credeeapp.co.uk.

3.6 Business transfers

We may disclose personal data to third parties in connection with a business transaction, including a merger, acquisition, restructuring, or sale of assets.

If such a transaction occurs, personal data may be transferred as part of the transaction. Where required, we will notify you of any change in ownership or control and inform you of any choices you may have regarding your personal data.

3.7 Data controller and processor roles

Credee Ltd acts as a data controller for personal data processed for its own purposes (such as account management, billing, support, and compliance).

Where personal data is processed on behalf of Subscribers through the Service, Credee Ltd acts as a data processor and processes such data only in accordance with the Subscriber’s documented instructions.

4. Marketing and Advertising

4.1 Marketing communications

We may send you information about the CredeeApp Service, updates, and other products or services that may be of interest to you.

Where required by applicable law, including the UK Privacy and Electronic Communications Regulations (PECR) and the UK GDPR, we will obtain your prior consent before sending marketing communications by electronic means (including email, SMS, or telephone).

Where permitted by law, we may rely on legitimate interests to send limited marketing communications to existing customers about similar products or services, provided that you are given a clear opportunity to opt out at the time your details are collected and in every subsequent communication.

We may use personal data to personalise marketing communications and improve relevance based on your interaction with the Service.

4.2 Opt-out and withdrawal of consent

You have the right to opt out of marketing communications at any time.

You can do this by:

  • clicking the unsubscribe link included in marketing emails;
  • updating your preferences via our subscription centre at https://credeeapp.co.uk/subscribe (or any updated link provided); or
  • contacting us at support@credeeapp.co.uk.

Withdrawal of consent will not affect the lawfulness of any processing carried out prior to such withdrawal.

4.3 Service-related communications

We may send you service-related communications that are necessary for the operation of the Service, including account notifications, billing updates, security alerts, and service announcements. Such communications are not marketing communications and do not require prior consent where permitted by applicable law.

5. Storing and Transferring Your Personal Information

5.1 Security.

Credee Ltd implements appropriate technical and organisational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage, in accordance with applicable data protection laws, including the UK GDPR.

Such measures include, where appropriate:

  • encryption of data in transit and at rest;
  • access controls and authentication mechanisms;
  • monitoring, logging, and security incident detection; and
  • regular review and testing of security practices.

You are responsible for maintaining the confidentiality of your account credentials, including your username and password, and for restricting access to your account. You must notify us promptly if you become aware of any unauthorized access or security incident.

5.2 Data transmission

While we take appropriate measures to safeguard personal data, no method of transmission over the internet or method of electronic storage is completely secure. While we implement industry-standard security measures, no system can be guaranteed to be completely secure. We therefore cannot guarantee absolute security but take all reasonable steps to protect personal data.; however, we implement industry-standard safeguards designed to protect your information.

5.3 International data transfers

Your personal data may be transferred to, stored, or processed in countries outside the United Kingdom.

Where such transfers occur, Credee Ltd ensures that appropriate safeguards are in place in accordance with applicable data protection laws, including:

  • transfers to countries recognised as providing an adequate level of data protection;
  • the use of Standard Contractual Clauses (SCCs) or equivalent safeguards approved under UK law; or
  • other legally approved transfer mechanisms.

5.4 Third-party hosting and infrastructure

We may use third-party service providers (including cloud infrastructure providers) to host and process personal data. Such providers are contractually required to implement appropriate security measures and to process personal data only in accordance with our instructions.

5.5 Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to comply with legal, regulatory, and contractual obligations, and to resolve disputes.

6. Retaining Your Information

6.1 Retention period

Credee Ltd will retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to:

  • provide and maintain the Service;
  • comply with legal, regulatory, accounting, and reporting obligations;
  • resolve disputes and enforce our agreements; and
  • prevent fraud and ensure the security of the Service.

6.2 Determining retention periods

In determining appropriate retention periods, we take into account:

  • the nature, scope, and purpose of the processing;
  • the type and sensitivity of the personal data;
  • the potential risk of harm from unauthorized use or disclosure; and
  • applicable legal and regulatory requirements.

6.3 Account and service data

Where you have an account with us, we will generally retain your personal data for the duration of your account and for a reasonable period thereafter to comply with legal obligations and support business operations.

6.4 Payment and transaction data

Certain data related to payments and transactions may be retained for longer periods where required by applicable financial, tax, or anti-fraud regulations. Payment processing providers (such as Stripe) may retain data in accordance with their own legal and regulatory obligations.

6.5 Deletion and anonymisation

When personal data is no longer required for the purposes for which it was collected, we will securely delete or anonymise such data in accordance with applicable laws and our internal data retention policies.

7. Your Rights in Respect of Your Personal Information

7.1 Your rights

Under applicable data protection laws, including the UK GDPR and the Data Protection Act 2018, you have the following rights:

  • the right to access your personal data (right of access);
  • the right to request correction of inaccurate or incomplete personal data (right to rectification);
  • the right to request deletion of your personal data in certain circumstances (right to erasure);
  • the right to request restriction of processing in certain circumstances;
  • the right to object to processing, including processing based on legitimate interests or for direct marketing purposes;
  • the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer it to another controller (right to data portability); and
  • the right to withdraw consent at any time where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters (www.ico.org.uk) or by contacting the ICO helpline.

7.2 Exercising your rights

If you wish to exercise any of your rights, you may contact us using the contact details provided in this Privacy Policy. We may request verification of your identity before processing your request to ensure the security of your personal data. We will respond to all valid requests without undue delay and, in any event, within one (1) month of receipt, unless a longer period is permitted under applicable law. Where permitted, you may also access, update, or delete certain personal data directly through your account within the CredeeApp Service.

7.3 Use of personal data

Credee Ltd does not sell personal data. Personal data is processed solely for the purposes described in this Privacy Policy, including providing, maintaining, and improving the Service, and complying with legal obligations.

8. Cookies and Similar Technologies

8.1 Use of cookies

Our Service uses cookies and similar technologies (collectively referred to as “cookies”) to distinguish you from other users, enhance your experience, improve our Service, and support security and performance. Cookies are small text files placed on your device when you access our website or Service.

8.2 Consent to cookies

Where required by applicable law, including the UK Privacy and Electronic Communications Regulations (PECR) and the UK GDPR, we will obtain your consent before placing non-essential cookies on your device. You can manage your cookie preferences at any time through our cookie consent banner or settings tool available on our website. Strictly necessary cookies do not require consent.

8.3 Types of cookies we use

We use the following categories of cookies:

(a) Strictly necessary cookies
These cookies are essential for the operation of the Service, including authentication, security, and fraud prevention. These cookies cannot be disabled.

(b) Analytical or performance cookies
These cookies allow us to analyse how users interact with the Service, including page visits and traffic patterns, so that we can improve functionality and performance.

(c) Functionality cookies
These cookies enable us to recognise you when you return to the Service and remember your preferences (such as language or region).

(d) Targeting or advertising cookies
These cookies record your browsing activity to help deliver relevant content or advertising.
These cookies may be set by us or by third-party providers.

8.4 Third-party cookies

Some cookies may be placed by third-party service providers, including analytics providers, advertising networks, or social media platforms. These third parties may collect information about your online activities over time and across different websites. We do not control these cookies, and their use is governed by the respective third parties’ privacy policies.

8.5 Managing cookies

You can control and manage cookies in several ways:

  • through our cookie consent tool on the website;
  • by adjusting your browser settings to block or delete cookies; or
  • by using third-party tools to manage tracking preferences.

Please note that disabling certain cookies may affect the functionality and performance of the Service.

8.6 Social media features

Our Service may include social media features (such as sharing buttons or embedded content). These features may collect your IP address and information about your interaction with the Service, and may set cookies.

Such features are governed by the privacy policies of the relevant third-party providers.

9. Links to Third-Party Sites

9.1 Third-party websites

The Service may contain links to third-party websites or services that are not owned or controlled by Credee Ltd. If you access or follow a link to any third-party website, please note that such websites operate independently and have their own privacy policies and terms. Credee Ltd does not control and is not responsible for the content, security, or privacy practices of such third-party websites. We recommend that you review the privacy policies of any third-party websites before providing any personal data to them.

9.2 Embedded content and framing

Some pages of our Service may include embedded content or framing provided by third-party partners or services. Where such features are used, personal data may be collected directly by the relevant third party. In such cases, your interaction with the embedded content or third-party service is governed by the privacy policy of the respective third party, and not by this Privacy Policy.

10. Our Policy Towards Children

10.1 Age restriction

The Service is not directed to individuals under the age of 18, and Credee Ltd does not knowingly collect or process personal data relating to children under 18 in its capacity as a data controller.

10.2 Inadvertent collection

If we become aware that personal data relating to a child under the age of 18 has been collected without appropriate authorisation or legal basis, we will take appropriate steps to delete such data as soon as reasonably practicable.

10.3 Notification

If you believe that a child has provided personal data to us, please contact us using the contact details provided in this Privacy Policy so that we can investigate and take appropriate action in accordance with applicable data protection laws.

11. Changes to This Privacy Policy

11.1 Updates

Credee Ltd may update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. Where changes are material, we will provide reasonable notice to users, which may include email notification or a prominent notice on our website. The “last updated” date at the end of this Privacy Policy will indicate when it was last revised. Continued use of the Service after such updates constitutes acceptance of the revised Privacy Policy.

12. Notices

12.1 Communications

We may provide you with notices or communications relating to the Service, including legal notices, service updates, and administrative messages, through appropriate means such as email, in-app notifications, or website notices. Where required by applicable law, we will obtain your consent before sending marketing communications. Your right to opt out of marketing communications is not affected by receiving service-related or legal notices.

13. Contacting Us

13.1 Contact details

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, you may contact us at:

Email: support@credeeapp.co.uk.

Address: Credee Ltd, 82 King Street, Manchester, M2 4WQ, United Kingdom

We will respond to your request in accordance with applicable data protection laws.

13.2 Data Protection Contact

For data protection-related queries, you may contact our Data Protection team at:

Email: support@credeeapp.co.uk.

Where required under applicable law, we will respond in accordance with UK GDPR timelines and obligations.

14. SMS Communication

14.1 Use of SMS

Where SMS communication is used, it will be conducted in compliance with applicable laws, including the UK Privacy and Electronic Communications Regulations (PECR) and the UK GDPR.

14.2 Consent

We will obtain your prior consent before sending marketing communications via SMS, where required by law.

14.3 Opt-out

You may opt out of receiving SMS communications at any time by:

  • replying STOP to any SMS message; or
  • contacting us at support@credeeapp.co.uk.
  • You may also request assistance by replying HELP.

14.4 Data use

We do not sell or share SMS opt-in data or phone numbers for third-party marketing purposes. SMS-related personal data is used solely for communication and service-related purposes in accordance with this Privacy Policy.