Privacy Policy

Last Updated: 24 July 2025

1. Introduction

Welcome to Justify.social Ltd (“Justify”, “we”, “us”, “our”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains, in clear detail, how we collect, use, store, share and keep safe the information you give us when you visit justify.social (the “Website”) or use any of our products or services (the “Services”).

Key Purposes

• To describe the types of personal data we collect from you.
• To explain how and why we process your personal data.
• To inform you of your rights in relation to your personal data.
• To explain how you can contact us for any data protection questions.

By using our Website or Services, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use immediately.

2. Who We Are

Justify.social Ltd (“Justify.social”) is a company registered in England and Wales under company number 16000647.

Registered address: Sunnyside, Back Lane, Stratford‑upon‑Avon, Warwickshire, CV37 8XA, United Kingdom.

ICO registration number: CSN2326977.

We act as the controller of your personal data.

Contacting Us

• Email: privacy@justify.social
• Attn: Data Protection Officer (DPO)

We have appointed a Data Protection Officer (“DPO”) to oversee compliance with this Privacy Policy. If you have any concerns about how we handle your personal data, you can contact the DPO at the details above.

3. The Data We Collect

“Personal data” means any information relating to a person that can identify them, directly or indirectly. We may collect and process the following categories of personal data:

1. Identity Data: First name, last name, username, date of birth, or similar identifiers.
2. Contact Data: Email address, phone number(s), postal address, or similar contact details.
3. Account Data: Username, password, preferences, survey responses, and any feedback you provide.
4. Financial Data: Payment method details (e.g., bank account or card info) when necessary to process transactions.
5. Transaction Data: Records of purchases, subscriptions, or other interactions with our Services.
6. Technical Data: IP addresses, login data, browser type, device identifiers, operating system, and platform details.
7. Usage Data: Pages visited, time spent on site, features used, referral URLs, and other analytics about how you interact with our Website or Services.
8. Marketing & Communications Data: Your preferences regarding marketing communications and notifications.
9. Special Category Data: We generally do not collect special category data (e.g., data about health or religious beliefs). If we ever need to process such data, we will obtain your explicit consent or rely on another lawful basis where permissible by law.

We may also collect, use, and share Aggregated Data (e.g., statistical or demographic data) for any purpose. Aggregated Data does not identify you directly or indirectly.

4. How We Collect Your Data

We use a range of methods to gather personal data, including:

1. Direct Interactions
   • You provide data when you create an account, update your profile, contact us by email or phone, subscribe to our Services, fill in forms, or respond to surveys.
2. Automated Technologies
   • As you navigate our Website or use our Services, we automatically collect Technical Data and Usage Data using cookies, server logs, and similar technologies. Please see Section 9 (Cookies and Tracking Technologies) for more details.
3. Third-Party Sources
   • Public databases or social media platforms (when you link to or log in using a social media account).
   • Payment processors or analytics providers who share relevant data needed for billing or usage insights.

5. Lawful Basis for Processing

We only collect and process your personal data where we have a valid legal basis under UK data protection law. This may include:

1. Performance of a Contract: When processing is necessary to provide the Services you have requested (e.g., managing your account, enabling payment).
2. Legitimate Interests: When processing is required for our legitimate interests (e.g., improving our Website, preventing fraud), and your fundamental rights do not override those interests.
3. Consent: When you have clearly agreed to receive marketing emails or to us handling special category data (if ever applicable). You may withdraw consent at any time.
4. Legal Obligation: When processing is necessary to comply with legal obligations, such as tax or accounting rules.

We rely on Contract to run your account and process payments; on Legitimate Interests to improve the Service and prevent fraud; on Consent for optional marketing; and on Legal Obligation to meet tax and regulatory duties.

6. How We Use Your Data

We may use your personal data for the following purposes:

• Account Registration and Profile Management: To set up, maintain, and secure your user account.
• Service Delivery: To process transactions, provide customer support, and ensure Service functionality.
• Communication: To send you notifications about updates, security alerts, or billing information related to our Services.
• Marketing and Promotions: To inform you about new features or offers that may interest you, if you have not opted out of marketing communications.
• Analytics and Product Improvement: To analyse usage trends, monitor user engagement, and enhance user experience.
• Legal Compliance: To fulfil our legal obligations or respond to lawful government or regulatory requests.

We do not engage in fully automated decision-making (including profiling) that produces significant effects concerning you without human involvement, unless we have your consent or are otherwise permitted by law.

7. Sharing and Disclosure

We do not sell your personal data. We only share it with carefully selected service providers that help us run the Website and Services (for example: secure payments, user authentication, cloud hosting, email delivery, analytics, video processing and error monitoring). These providers may handle limited data solely to deliver the service we have asked for and must keep it confidential and safe.

We may also share data if required by law, to protect our rights or the safety of others, or as part of a business transfer where the new owner must honour this Privacy Policy.

8. International Transfers

Where your personal data is transferred outside the UK or the European Economic Area (“EEA”), we will take steps to ensure that it is given an equivalent level of protection. This can include using:

• Adequacy Decisions: If the country has data protection laws deemed adequate by the UK (or EU).
• Standard Contractual Clauses: Contractual obligations between us and the recipient to safeguard your data.

Some service providers are based in the United States; we use Standard Contractual Clauses or the UK–US Data Bridge to keep your data safe. You can request a copy of these safeguards by contacting privacy@justify.social.

9. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to collect Technical Data about your browsing actions and usage patterns. These help us:

• Recognise you and your preferences.
• Customise the Website for a better user experience.
• Analyse how the Website is accessed and used.
• Non‑essential cookies are set only after you accept our banner.

You can disable cookies via your browser settings, but some parts of our Website may become inaccessible or not function properly as a result. For detailed information, please refer to our Cookie Notice (available on our Website).

10. Data Security

We maintain reasonable administrative, technical, and physical safeguards to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. Examples include:

• Access Controls: Granting employees and contractors only the access needed to perform their roles.
• Encryption: Securing data in transit and at rest where appropriate.
• Ongoing Monitoring: Regularly reviewing our data collection, storage, and processing practices.

While we take every reasonable precaution, please be aware that no system can be 100% secure, and we cannot guarantee absolute security of your data.

11. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes outlined in this Policy, including legal, accounting and dispute‑resolution duties. For instance, billing data is retained for seven years to meet tax regulations, while diagnostic log data is removed after ninety days. When data is no longer needed, we delete it securely or anonymise it so that it can no longer identify you.

12. Your Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include:

1. Right of Access: Obtain a copy of the personal data we hold about you.
2. Right to Rectification: Correct incomplete or inaccurate data about you.
3. Right to Erasure: Request deletion of your data where there is no lawful basis to continue processing.
4. Right to Restrict Processing: Limit how we process your data in certain circumstances (e.g., if you contest accuracy).
5. Right to Object: Oppose processing based on our legitimate interests or for direct marketing.
6. Right to Data Portability: Request transfer of your data to you or another provider in a structured, commonly used, machine-readable format.
7. Right to Withdraw Consent: Where consent is used as the legal basis for processing, you can withdraw it at any time.

To exercise any of these rights, please contact us at privacy@justify.social. We may need to confirm your identity to protect against fraudulent requests. We aim to answer every request within one month.

13. Children’s Privacy

Our Services are intended for business users and are not aimed at anyone under 18 years of age. We do not knowingly collect personal data from children. If you believe that a child has provided us with information, please contact us and we will remove it promptly.

14. Changes to This Privacy Policy

We may revise this Privacy Policy occasionally to reflect changes in our practices or for operational, legal, or regulatory reasons. Any significant updates will be posted on our Website, and where appropriate, we will notify you by email or other communication channels. We encourage you to review this page periodically to remain informed of how we are safeguarding your personal data.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data protection practices, please contact our DPO at:

• Email: privacy@justify.social
• Chat: Start Chat

You also have the right to lodge a complaint at any time with the Information Commissioner’s Office (ICO) (www.ico.org.uk), the UK supervisory authority for data protection. However, we would welcome the opportunity to resolve any issues directly—so please contact us first.