Rasmere
Run a report

Legal

Privacy Notice

Last updated: 21 April 2026

1. Who we are

Rasmere ("we", "us", "our") is the data controller for personal data collected through the Rasmere planning risk intelligence service at rasmere.com. Rasmere is established in the United Kingdom and processes personal data under the UK GDPR and the Data Protection Act 2018. You can contact us at team@rasmere.com.

2. Personal data we collect

  • Account data: name, email address, company (optional), password (hashed).
  • Usage data: site addresses you submit, reports you generate, plan and credit usage, in-product activity.
  • Support data: messages and attachments you send to our support team.
  • Technical data: IP address, device and browser identifiers, log data, cookies and similar identifiers.
  • Marketing data: preferences and consents for service updates and marketing emails.

Payment data (card number, billing address, tax ID) is collected and processed directly by our payment provider, Paddle, as Merchant of Record — Rasmere does not see or store full card details.

3. How and why we use your data

  • Provide the Service — create your account, generate reports, manage credits and subscriptions. Legal basis: performance of a contract.
  • Customer support — respond to enquiries and resolve issues. Legal basis: legitimate interests / contract performance.
  • Security and fraud prevention — detect abuse, secure accounts, and protect the Service. Legal basis: legitimate interests and legal obligations.
  • Service improvement and analytics — understand how the Service is used and improve product quality. Legal basis: legitimate interests.
  • Service communications — send transactional emails (receipts, account notices, important updates). Legal basis: contract performance.
  • Marketing — send product updates and offers where you have opted in. Legal basis: consent (you can withdraw at any time).
  • Legal compliance — meet our legal, accounting, and regulatory obligations. Legal basis: legal obligation.

4. Who we share data with

  • Paddle.com Market Ltd ("Paddle") — our Merchant of Record. Paddle processes all payments, manages subscriptions, calculates and remits taxes, and issues invoices. See the Paddle Privacy Notice.
  • Cloud infrastructure and database providers hosting the Service in the UK and EU.
  • Email and transactional communication providers used to send account and service emails.
  • Analytics and error-monitoring providers that help us operate and improve the Service.
  • Professional advisers (legal, accounting, insurance) where reasonably necessary.
  • Authorities and regulators where required by law or to protect our rights.

We do not sell your personal data.

5. International transfers

Where personal data is transferred outside the UK or European Economic Area, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, EU Standard Contractual Clauses, or an adequacy decision.

6. Data retention

We retain personal data only as long as necessary for the purposes set out in this notice. Account and report data is kept for as long as your account is active and for up to 24 months after closure. Billing and tax records are retained for 6 years to comply with UK tax law. Support records are generally retained for 24 months. Data is then deleted or anonymised.

7. Your rights

Under UK GDPR you have the right to:

  • access your personal data;
  • request correction of inaccurate data;
  • request erasure of your data;
  • restrict or object to certain processing;
  • request portability of data you provided to us;
  • withdraw consent at any time where processing is based on consent; and
  • lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, email team@rasmere.com. We will respond within one month.

8. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, hashed credentials, and regular review of our infrastructure. No system can be guaranteed completely secure; please notify us immediately if you suspect any unauthorised access to your account.

9. Cookies

We use strictly necessary cookies to keep you signed in and to operate the Service, and limited analytics cookies to understand usage. You can control cookies through your browser settings. Disabling strictly necessary cookies may break parts of the Service.

10. Changes to this notice

We may update this notice from time to time. Material changes will be communicated via the Service or by email. The "Last updated" date at the top reflects the latest revision.

11. Contact

For privacy questions or to exercise your rights, contact team@rasmere.com.