Privacy Policy

Last updated: Monday 18th August 2025

1. Introduction

Welcome to Refurb Calculator, operated by Help Build Ltd ("we", "our", or "us"). We are committed to protecting your privacy and handling your personal data in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services at refurbcalculator.co.uk.

Data Controller Information

Company: Help Build Ltd

Company Number: 15240270

Contact: [email protected]

Address: 1st Floor 8-12 London Street, Southport, Merseyside, United Kingdom, PR9 0UE

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Name, email address, password when you register
Project Data: Property dimensions, refurbishment details, cost estimates you create
Payment Information: Billing details (processed securely by payment providers - Stripe)
Contact Information: When contacting support
Profile Information: Any additional details you choose to add

2.2 Information We Collect Automatically

Usage Data: How you interact with our service, features used, time spent
Device Information: Browser type, operating system, IP address
Cookies and Tracking: As described in our Cookie Policy
Log Data: Server logs including access times and pages viewed

3. How We Use Your Information

Service Delivery: Providing access to the refurb calculator and saving your projects
Account Management: Creating and maintaining your user account
Payment Processing: Handling subscriptions and billing
Customer Support: Responding to your queries and assistance
Service Improvement: Analyzing usage to enhance features and experience
Security: Protecting against fraud and unauthorised access
Legal Compliance: Meeting legal obligations
Marketing: Sending service updates and promotional content (with your consent)

You can opt out of marketing at any time by emailing [email protected] or using the unsubscribe link in our emails.

4. Legal Basis for Processing

Under UK GDPR, we process your personal data based on:

Contract Performance: To provide services as agreed in the Terms of Service
Legitimate Interests: For service improvement, security, and operations
Legal Obligation: To comply with tax, accounting, and other laws
Consent: For marketing communications and non-essential cookies

5. Data Sharing and Disclosure

5.1 Service Providers

We may share your information with:

Firebase / Google Cloud: Hosting and database services
Stripe: Payment processors
Email Services: For transactional and marketing emails
Google Analytics: Analytics provider

5.2 Legal Requirements

We may disclose your information when required by law, court order, or to:

Protect our rights and property
Investigate potential violations of our terms
Protect users or the public
Comply with legal processes

6. International Data Transfers

Some service providers may be outside the UK. We ensure appropriate safeguards are used, such as:

Adequacy decisions by the UK government
Standard Contractual Clauses (SCCs)
Certification schemes and codes of conduct
For example, Stripe and Google Cloud may process data in the United States.

7. Your Rights Under UK GDPR

You have the following rights:

Right of Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate/incomplete data
Right to Erasure: Delete your data (“right to be forgotten”)
Right to Restrict Processing: Limit how your data is used
Right to Data Portability: Receive your data in a structured format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent where used

To exercise these rights, contact [email protected]. We will respond within one month of your request.

8. Data Security

We implement various measures, including:

Encryption: Data encrypted in transit and at rest
Access Controls: Data access limited on a need-to-know basis
Regular Audits: Security assessments and vulnerability testing
Incident Response: Procedures for data breach detection and response
Staff Training: Regular data protection and security training for employees

9. Data Retention

We retain your data only as long as necessary for specified purposes:

Account Data: Until you delete your account or 3 years of inactivity
Project Data: Until manually deleted by you
Payment Records: 7 years (UK legal requirement)
Marketing Data: Until you unsubscribe or object
Support Communications: 3 years from last contact

10. Cookies and Tracking

We use cookies and similar technology to enhance your experience. For more detailed info, see our separate Cookie Policy.

11. Children’s Privacy

Our service is not intended for children under 16. We do not knowingly collect data from those under 16. If you become aware a child has provided personal data, please contact us immediately.

12. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

Posting a notice on our website
Sending an email to registered users
Updating the "Last updated" date

13. Data Protection Officer

We are not required to appoint a Data Protection Officer under UK GDPR, but our privacy team handles all data protection matters. Contact them at [email protected].

14. Supervisory Authority

If unresolved issues arise, you may lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)

Website: www.ico.org.uk

Phone: 0303 123 1113

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

15. Contact Us

For any questions about this Privacy Policy or our practices:

Privacy Enquiries

Email: [email protected]

Response Time: Aiming to reply within 48 hours

Subject Line: Please use "Privacy Policy Query" in your email subject

Sign In