Legal · Last updated 2 July 2026

Privacy Policy

This policy explains what personal data Storage Compass (operated as a sole trader in the United Kingdom) collects, why, and your rights under the UK GDPR and the Data Protection Act 2018.

1. Controller & contact

The data controller is the operator of Storage Compass (sole trader, United Kingdom). Contact: info@storagecompass.co.uk. For data-subject requests use our privacy request form.

2. Data we collect

  • Account data: name, work email, password hash, organisation, role, plan tier.
  • Billing data: handled by Paddle (our merchant of record). We receive limited billing metadata (invoice ID, plan, country, VAT status). We do not store card details.
  • Usage data: pages viewed, searches, saved deals, credits consumed, IP address, device/browser, referrer.
  • Submissions: facility claims, land listings, lead enquiries and any content you send us.
  • Communications: support emails and in-app messages.
We do not knowingly collect data from anyone under 18.

3. Lawful bases & purposes

  • Contract — to provide the Service, process payments, and support you.
  • Legitimate interests — to secure the Service, prevent fraud/abuse, improve features, and send service updates.
  • Consent — for marketing emails, non-essential cookies/analytics. You can withdraw consent at any time.
  • Legal obligation — accounting, tax, and responding to lawful requests.

4. Public register & open data

Our platform surfaces information from public sources (Companies House, local planning authorities, UK Police API, ONS, OpenStreetMap, operator websites). Where this contains personal data (e.g. director names, applicant names on planning records) we process it under legitimate interests for market intelligence purposes. You may request suppression of your personal details from displayed records — see “Your rights”.

5. Sharing & processors

We share data only with processors needed to run the Service, including: Supabase (database/auth hosting, EU region), Cloudflare (edge hosting), Paddle (payments & VAT), Resend/Postmark or equivalent (email delivery), Google Maps Platform (map tiles & imagery), analytics providers, and support tooling. Each is bound by a data processing agreement. We do not sell personal data.

6. International transfers

Where data is transferred outside the UK/EEA, we rely on adequacy decisions or Standard Contractual Clauses with the UK Addendum.

7. Retention

Account data: for the life of your account plus up to 24 months. Billing records: 7 years (statutory). Usage logs: up to 24 months. Submissions (claims, listings, leads): retained while relevant to the Service. You can request earlier deletion (subject to legal holds).

8. Security

Encryption in transit (TLS) and at rest, role-based access, row-level security in the database, least-privilege service keys, audit logging, and regular dependency scanning. No system is 100% secure; you use the Service at your own risk.

9. Your rights

Under UK GDPR you have the right to: access, rectify, erase, restrict or object to processing, portability, and to withdraw consent. Email info@storagecompass.co.uk. You may also complain to the UK Information Commissioner (ICO) at ico.org.uk.

10. Cookies

We use essential cookies for authentication and security. Non-essential analytics cookies are set only with consent. See our disclaimer & cookie notice.

11. Changes

We may update this policy from time to time. Material changes will be notified in-app or by email.