1. Introduction

Justbright Ltd trading as RoundControl ("RoundControl", "we", "us", or "our") is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect personal information when you use our website, software platform, and related services.

We process personal data in accordance with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and other applicable data protection laws.

2. Who We Are

Data Controller:

Tania Houston

Company Name:

Justbright Ltd t/a RoundControl

Registered Address:

Donaldson Ross & Co, 12 Millstream Trading Estate, Christchurch Road, Ringwood, BH24 3SE

Company Number:

05488123

For questions regarding this Privacy Policy or our handling of personal data, please contact us using the details above or contact us.

3. Information We Collect

When a business registers with or enquires about our services, we may collect:

• Business name
• Business address
• Business contact details
• Contact names
• Email addresses
• Telephone numbers
• Account and billing information
• History of communications with our support team

Where a customer subscribes to our services, RoundControl will host information relating to that customer's distributors. Such information is supplied by our customer and may include:

• Distributor names
• Business contact details
• Business addresses
• Contact persons
• Email addresses
• Telephone numbers
• Communication history
• Other distributor-related information uploaded by the customer

RoundControl does not use this information for its own purposes and hosts it solely to provide the subscribed service.

4. How We Use Personal Information

We use business account information to:

• Create and manage customer accounts
• Provide access to our services
• Process payments and subscriptions
• Communicate with customers
• Provide technical support
• Maintain service security and reliability
• Comply with legal obligations

We do not analyse, profile, sell, or otherwise process distributor data hosted on behalf of our customers beyond what is necessary to store, secure, and make it available through the service.

5. Legal Basis for Processing

We process personal information under one or more of the following legal bases:

• Performance of a contract with our customers
• Legitimate interests in operating and improving our business
• Compliance with legal obligations
• Consent, where required by law

6. Data Processor Activities

In relation to distributor information uploaded by subscribed customers, RoundControl acts as a data processor and processes such information only in accordance with the customer's documented instructions.

The customer remains the data controller for that information and is responsible for ensuring it has an appropriate legal basis for collecting and using the data.

7. Access to Data

Access to personal information is restricted to authorised personnel who require access for legitimate business purposes.

Authorised RoundControl staff may access customer and distributor data in order to:

• Provide technical support
• Investigate faults or service issues
• Maintain system security
• Respond to customer requests

All access is limited to what is necessary for the relevant purpose.

8. Data Sharing

We do not sell personal information for business subscribers, distributors, or internal staff registered on the account.

We may share personal information with:

• Professional advisers
• Cloud hosting and infrastructure providers
• Regulatory authorities where legally required

Any third-party service providers are required to protect personal information and process it only in accordance with applicable laws.

9. International Transfers

Where personal information is transferred outside the United Kingdom, typically for website hosting purposes, we will ensure that appropriate safeguards are in place in accordance with applicable data protection laws.

10. Data Security

We implement appropriate technical and organisational measures to protect personal information against:

• Unauthorised access
• Accidental loss
• Alteration
• Disclosure
• Destruction

These measures include access controls, authentication procedures, system monitoring, and secure hosting arrangements.

11. Data Retention

We retain personal information only for as long as necessary to:

• Provide our services
• Meet contractual obligations
• Resolve disputes
• Comply with legal and regulatory requirements

Upon termination of a customer's subscription, hosted data will be retained and deleted in accordance with the applicable service agreement and retention policies.

12. Individual Rights

Where applicable under data protection law, individuals may have rights to:

• Access their personal information
• Request correction of inaccurate information
• Request erasure of personal information
• Restrict processing
• Object to processing
• Request data portability
• Lodge a complaint with a supervisory authority

Requests relating to distributor data should generally be directed to the customer acting as data controller.

13. Cookies and Website Technologies

Our website may use cookies and similar technologies to improve functionality, security, and user experience. Further details can be provided in a separate Cookie Policy.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published on our website and become effective upon publication.

15. Contact Us

If you have any questions about this Privacy Policy or our data protection practices, we can be contacted on the details provided in section 2 of this policy.

If you are dissatisfied with our response, you may lodge a complaint with the UK's data protection regulator, the Information Commissioner's Office (ICO).