Privacy Policy

Accountley (“Accountley”, “we”, “us”, or “our”) is the data controller responsible for your personal data. Accountley is a trading name operated by an individual based in the United Kingdom.

If you have any questions about this policy or how we handle your data, please contact us at contact@accountley.co.

We collect personal data in the following circumstances:

Account and billing data

• Name and email address when you register
• Billing address and payment information (processed securely via our payment provider; we do not store card details)
• Company name where applicable

Usage and technical data

• API request logs (endpoint, timestamp, response codes — not request payloads)
• IP address and browser or client type
• Pages visited on accountley.co and time spent

Communications

• Messages you send us via email or support channels
• Survey or feedback responses you choose to submit

We use your personal data to:

• Create and manage your Accountley account
• Provide, maintain, and improve the API service
• Process payments and send invoices
• Send transactional emails (e.g. API key delivery, usage alerts)
• Respond to support requests and enquiries
• Monitor service performance and prevent abuse
• Comply with our legal obligations
• Send product updates and announcements (you may opt out at any time)

We process your personal data under the following lawful bases set out in UK GDPR Article 6:

• Contract — processing necessary to perform our contract with you (e.g. providing the API service)
• Legitimate interests — improving our service, preventing fraud, and ensuring security, where these interests are not overridden by your rights
• Legal obligation — where we are required to process data to comply with applicable law
• Consent — for optional marketing communications, which you may withdraw at any time

We do not sell your personal data. We share data only with trusted third parties who process it on our behalf under appropriate data processing agreements:

• Cloud infrastructure providers (hosting and data storage)
• Payment processors for billing
• Email delivery providers for transactional and marketing email
• Analytics tools to understand product usage (configured to anonymise where possible)

We may also disclose your data where required by law or to protect the rights, property, or safety of Accountley, our users, or others.

Some of our third-party providers are based outside the UK. Where we transfer personal data outside the UK, we ensure that appropriate safeguards are in place — such as the UK International Data Transfer Agreement (IDTA) or adequacy decisions — in accordance with UK GDPR Chapter V.

We retain your personal data for as long as your account is active or as needed to provide the service. Where your account is closed:

• Account data is deleted within 90 days
• Billing records are retained for 7 years to comply with applicable tax record-keeping requirements
• Anonymised usage analytics may be retained indefinitely

We take the security of your data seriously. We implement appropriate technical and organisational measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. However, no system is completely secure and we cannot guarantee absolute security.

If you believe your account has been compromised, please contact us immediately at contact@accountley.co.

We use cookies and similar technologies for the following purposes:

• Strictly necessary cookies — essential for the website and API console to function
• Analytics cookies — to understand how visitors interact with our site (you may opt out via our cookie banner)
• Preference cookies — to remember your settings and choices

You can control cookies through your browser settings. Disabling certain cookies may affect site functionality.

Under UK GDPR, you have the following rights:

• Right of access — to obtain a copy of the personal data we hold about you
• Right to rectification — to have inaccurate data corrected
• Right to erasure — to have your data deleted in certain circumstances
• Right to restrict processing — to limit how we use your data
• Right to data portability — to receive your data in a structured, machine-readable format
• Right to object — to processing based on legitimate interests or for direct marketing
• Rights related to automated decision-making — we do not make solely automated decisions that produce legal or similarly significant effects

To exercise any of these rights, please contact contact@accountley.co. We will respond within one calendar month.

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK's supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

We would, however, appreciate the opportunity to address your concerns before you contact the ICO.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice on our website. The date at the top of this page reflects when the policy was last revised. Continued use of the service after changes are posted constitutes acceptance of the updated policy.