Download

Privacy Policy

Last updated: 8 May 2026

1. Who we are

This service is operated by Unified Retail Services Ltd ("we", "us", "our"), a company incorporated in England & Wales under company number 15752391, with registered office at Unit 1, Incubator 1, Alconbury Weald, Huntingdon, Cambridgeshire, PE28 4XA.

We are registered with the UK Information Commissioner's Office (ICO) under registration number ZB736537. For the purposes of UK data protection law, we are the controller of personal data processed through printplatformpro.com and the Print Platform Pro applications.

For any privacy queries, contact privacy@printplatformpro.com.

2. What data we collect

We process the following categories of personal data:

  • Account data — email address, password hash (Argon2id, never the password itself), display name (optional), preferred locale, two-factor settings.
  • Verification + recovery tokens — short-lived random tokens to verify your email address and to allow password resets.
  • Licence data — the licences issued to your account, the devices on which they are activated, and per-device hostnames, platform identifiers, and IP addresses recorded at activation and last validation.
  • Session data — opaque session tokens stored in HTTP-only cookies, plus the IP address and user-agent string of the originating browser. Sessions are revocable by row-level deletion.
  • Billing data — when you purchase a paid plan, our payment processor (Lemon Squeezy) handles your card details; we receive only a customer ID, plan tier, and renewal status. We never see or store your card number.
  • Support correspondence — any emails, attachments, or in-app feedback you send us.
  • Server logs — diagnostic logs from our application servers, retained for 30 days and used only for debugging and abuse prevention. These include request paths, status codes, IP addresses, and timestamps.

Where you use our software offline (Windows, macOS, Linux, or iOS apps) we do not collect telemetry. The applications phone home only to validate your licence at installation and at periodic intervals defined by your plan; no usage analytics are transmitted.

3. Lawful bases for processing

We rely on the following lawful bases under Article 6 of the UK GDPR:

  • Contract (Article 6(1)(b)) — to provide the service you signed up for: account creation, licence issuance, activation tracking, billing.
  • Legitimate interests (Article 6(1)(f)) — to operate the service securely, prevent abuse, and ensure infrastructure reliability. We have assessed that these interests are not overridden by your fundamental rights given the limited data scope and security measures applied.
  • Legal obligation (Article 6(1)(c)) — to retain accounting records as required by HMRC and to respond to lawful requests from regulators or law enforcement.
  • Consent (Article 6(1)(a)) — for any optional marketing communications, which you can withdraw at any time.

4. Cookies

printplatformpro.com uses strictly necessary first-party cookies only:

  • session — opaque session token, HTTP-only, Secure, SameSite=Lax. Required to keep you signed in.

We do not set advertising, analytics, or third-party tracking cookies. The Privacy and Electronic Communications Regulations (PECR) do not require consent for strictly necessary cookies.

5. How long we keep your data

  • Account data — for the lifetime of your account, plus 30 days after closure (to allow restoration if closed in error).
  • Verification + recovery tokens — auto-expire within 24 hours of issue.
  • Licence + activation data — for 7 years after the licence's last validation, to satisfy UK accounting record-keeping obligations.
  • Sessions — until expiry (default 30 days) or explicit logout.
  • Server logs — 30 days, then deleted.
  • Support correspondence — 24 months after the conversation closes.

6. Where your data is stored and processed

Our application servers and primary database are hosted in Amazon Web Services London (eu-west-2). Database backups are encrypted and stored within the same region. We do not transfer personal data outside the United Kingdom or the European Economic Area for routine operational purposes.

The following processors may, under their own terms, transfer data outside the UK; where they do, the transfers are covered by the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses with the UK Addendum:

  • Amazon Web Services, Inc. — hosting (UK region; replication and metadata may transit US infrastructure).
  • Lemon Squeezy — payment processing (US, IDTA in place).
  • Amazon SES — transactional email (UK region).

7. Your rights

Under the UK GDPR you have the following rights, exercisable free of charge in most circumstances:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — correct inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") — request deletion where the data is no longer needed for the purpose collected, subject to legal retention obligations above.
  • Right to restrict processing — limit how we use your data while a query is being resolved.
  • Right to data portability — receive a structured, machine-readable export of the data you provided to us.
  • Right to object — to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email privacy@printplatformpro.com. We will respond within one calendar month, or notify you within that period if more time is needed (up to a further two months for complex requests, per Article 12(3)).

If you are unhappy with our response, you can complain to the UK Information Commissioner's Office: ico.org.uk/concerns or 0303 123 1113.

8. Security

Passwords are hashed using Argon2id and never stored or logged in plain text. All traffic to printplatformpro.com is served over TLS 1.2 or higher. Database connections from our application servers use SSL. Session tokens are opaque and revocable. Production access is gated behind AWS IAM with least-privilege roles and short-lived credentials via OIDC. We do not have a dedicated Data Protection Officer (DPO) but you can reach the person responsible for data protection at privacy@printplatformpro.com.

9. Children

Print Platform Pro is a B2B service. We do not knowingly collect personal data from anyone under the age of 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Automated decision-making

We do not use any automated decision-making (within the meaning of Article 22 UK GDPR) that produces legal or similarly significant effects on you. Licence validation is rule-based, not profiling.

11. Changes to this policy

If we make material changes (e.g. a new processor, a new lawful basis, a new transfer destination), we will email registered users at least 14 days before the changes take effect. Minor clarifications will be reflected in the "Last updated" date at the top of this page.