Privacy policy

Account details (name, email, password hash), professional credentials (qualifications, DBS, insurance), profile content, booking and payment metadata, and usage analytics.

To operate the platform, verify professionals, process payments, surface relevant search results, send transactional and (with consent) marketing communications, and detect fraud.

We process data under contract (to deliver the service), legitimate interests (platform safety, fraud prevention), legal obligation (record-keeping), and consent (optional marketing and cookies).

Stripe (payments), Resend (email), Cloudflare (hosting/storage), Mapbox (location), and verification partners where required. We never sell personal data.

Some processors operate outside the UK. We rely on UK Adequacy decisions and Standard Contractual Clauses where appropriate.

Account data is kept for as long as your account is active, plus 6 years for accounting records. Closed-account data is anonymised on a rolling 90-day schedule.

Under UK GDPR you can access, rectify, erase, restrict and port your data, and object to processing. Email privacy@repsglobal.com to exercise these.

We use TLS 1.3, at-rest encryption, scoped access controls, and quarterly third-party penetration testing.

You can lodge a complaint with the UK Information Commissioner's Office at ico.org.uk.