Welcome to Reputation Buzz (“we”, “us”, “our”). We operate a software service that sends Google review reminders to your customers on your behalf (the “Service”). We are committed to protecting your privacy and handling personal data lawfully. This Privacy Policy explains how we collect, use, share, and protect personal data, and your rights under UK law.
Data Controller
For the purposes of the UK GDPR and the Data Protection Act 2018, Reputation Buzz, registered in England and Wales, with its registered office at 109 Dolphin House, SW18 1DG, London, is the data controller. You may contact us at [email protected].
Information We Collect
We collect information that you provide to us when you create and manage your account, such as your name, business name, contact details, login credentials, and payment information. We also collect information about your customers which you supply to us for the purpose of sending review reminders, including names, email addresses, telephone numbers if applicable, and details of the relevant transaction or booking. In addition, we automatically collect technical data such as IP addresses, device and browser details, and records of how you and your customers interact with our Service.
Legal Basis for Processing
We process data in order to perform our contract with you and deliver the Service. We also rely on our legitimate interests where we need to improve and secure the Service, to prevent misuse, and to provide support. In certain circumstances, such as when sending marketing communications, we will seek consent as a legal basis for processing.
How We Use Data
We use the information we collect to operate the Service, to send review reminders on your behalf, to provide you with analytics and reports about delivery and responses, and to manage your account and billing. We may also use data to detect and prevent fraud, to improve and develop our Service, and to comply with our legal obligations.
Marketing and PECR Compliance
Because our Service involves electronic communications, we comply with the Privacy and Electronic Communications Regulations (PECR). Any marketing messages that we send will only be sent with your consent or where legally permitted under the soft opt-in rules. All such messages will clearly identify us and provide an unsubscribe option. Review reminders and other service-related communications are considered transactional rather than marketing.
Sharing Data
We do not sell personal data. We may share data with service providers who process it on our behalf, including hosting companies, analytics platforms, and email or SMS gateways. We may also share information at your direction, for example where you choose to integrate our Service with other tools you use. We may disclose information if required by law or regulation, or in connection with business transfers such as mergers or acquisitions.
International Transfers
Some of our service providers may be located outside the UK or EEA. Where this occurs, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect the personal data being transferred.
Data Retention
We keep personal data only for as long as necessary. Your account information is retained while your account is active and for a reasonable period afterwards. Your customers’ information is retained only for as long as needed to deliver the Service or as specified by you. Technical and analytics information is usually kept for between twelve and twenty-four months in identifiable form, and may be kept longer in anonymised form.
Your Rights
Individuals have the right to access, rectify, erase, restrict or object to the processing of their data. They also have the right to data portability and, where processing is based on consent, the right to withdraw consent. To exercise these rights, you can contact us at [email protected]. You also have the right to lodge a complaint with the
Information Commissioner’s Office (ICO).
Security
We use a range of technical and organisational measures to protect personal data, including encryption, monitoring, and restricted access. While we take data security seriously, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Children
Our Service is not directed to individuals under the age of 16, and we do not knowingly collect data relating to children.
Changes to this Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated to you, and the most recent version will always be available on our website.
