Free Risk Register
Contact Us Free Risk Register

Welcome to SnapGRC's Policy

Last Updated: 07/01/2025

1. Introduction

  1. Welcome to SnapGRC (“we”, “us”, “our”), a UK-based SaaS company. We are committed to protecting your privacy and handling your personal data transparently and securely. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services, website, or platform (collectively, the “Services”). By using our Services, you agree to the terms of this policy.

2. Data We Collect

  1. Personal Data: Information you provide directly (e.g., name, email, job title, company name, billing address).
  2. Payment Information: Credit/debit card details processed securely by third-party providers (e.g., Stripe, PayPal). We do not store card details on our servers.
  3. Usage Data: Information about your interactions with our Services (e.g., IP address, browser type, pages visited) via Google Analytics.
  4. Other Data: Additional information you provide (e.g., support queries, feedback).

3. How We Use Your Data

  1. Provide, maintain, and improve our Services.
  2. Process payments and manage subscriptions.
  3. Communicate with you (e.g., updates, support, marketing*).
  4. Analyze usage trends via Google Analytics.
  5. Comply with legal obligations (e.g., tax, fraud prevention).
  6. Legal Basis (UK GDPR):
    1. Contractual Necessity: To fulfill our service agreement.
    2. Consent: For marketing (opt-out available).
    3. Legitimate Interests: To improve Services and prevent fraud.
    4. Legal Obligations: To meet regulatory requirements.

4. Data Sharing

  1. Third-Party Service Providers:
    1. Google Analytics (see Google’s Privacy Policy).
    2. Payment processors (e.g., Stripe, PayPal).
    3. Cloud hosting and IT providers.
  2. Legal Authorities: If required by law.
  3. Business Transfers: During mergers, acquisitions, or sales.
  4. We do not sell your data to third parties.

5. Data Retention

  1. Payment Records: 7 years (UK financial compliance).
  2. Analytics Data: Up to 26 months (Google Analytics).
  3. Account Data: Until deletion request or account closure.

6. Your Rights (UK GDPR)

  1. Access, correct, or delete your data.
  2. Restrict processing or object to data use.
  3. Request data portability.
  4. Withdraw consent (where applicable).
  5. Contact us at [email protected] to exercise rights.

7. Cookies & Tracking

  1. We use cookies for analytics and functionality. Manage preferences via browser settings.

8. Security

  1. We implement encryption and access controls. Note: No online transmission is 100% secure.

9. International Data Transfers

  1. Data may be transferred outside the UK (e.g., Google Analytics in the US). Safeguards like SCCs apply.

10. Children’s Privacy

  1. Services are not intended for users under 18. We do not knowingly collect minors’ data.

11. Changes to This Policy

  1. Updates will be communicated via email or website notice.

12. Contact Us

  1. Email: [email protected]

Copyright © 2025 SnapGRC