Reddy Apps

Reddy Apps

Products Services Contact

Legal

Privacy Policy.

How we collect and use personal data across Reddy Apps LTD products and services.

Last updated: 30 June 2026

1. Who we are

This Privacy Policy explains how Reddy Apps LTD ("we", "us", "our") collects and uses personal data in connection with our products and services, including the SmashingSite service. We are the data controller.

Reddy Apps LTD, registered in England and Wales, company number 16558403, registered office Unit 82a James Carter Road, Bury St. Edmunds, IP28 7DE.

We are registered with the Information Commissioner's Office (ICO), registration reference ZC172857. You can verify this on the ICO's public register at ico.org.uk.

Contact for privacy matters: info@reddyapps.co.uk.

2. The personal data we collect

a) Customers (people who buy a website from us)

  • Contact and business details (name, business name, email, phone, address, town).
  • Your website content (logo, photos, services, prices, customer reviews you provide).
  • Payment information - handled by our payment provider GoCardless. We receive confirmation, your name and email, and limited details (for example the last digits of your bank account); we do not store full bank details ourselves.

b) Potential customers (businesses we may approach with a demo)

  • Publicly available business information (business name, trade, town, phone, email, website, public social media links, public reviews and photos) gathered to build a sample website and to contact the business. See section 6.

c) Website visitors

  • Limited technical data needed to operate and secure the sites (for example a temporary cookie used to unlock a private demo). See section 7.

3. How we use your data and our lawful bases

  • To provide the service and manage your subscription - performance of a contract.
  • To take and manage payments via GoCardless - performance of a contract / legal obligation.
  • To send you service and confirmation emails (via Resend) - performance of a contract.
  • To build and show a sample website to a potential customer, and to contact that business about it - legitimate interests (business-to-business marketing). See section 6.
  • To keep our service secure and to comply with our legal obligations - legitimate interests / legal obligation.

4. Who we share data with (processors)

We use trusted providers who process data on our behalf:

  • GoCardless - payment processing (Direct Debit and Instant Bank Pay). (United Kingdom)
  • Resend - sending transactional and confirmation emails. (United States)
  • Cloudflare - website hosting and delivery. (United States, with UK/EU edge nodes used where possible)

These providers act under contract and only process data as instructed. We do not sell your personal data.

5. International transfers

Some of our providers (for example Resend and Cloudflare) are based in or transfer data to the United States. Where personal data is processed outside the UK, appropriate safeguards (such as the UK International Data Transfer Addendum to the EU Standard Contractual Clauses) are in place.

6. Contacting potential customers (prospect data)

Where we build a sample website for a business we have not yet worked with, we use information that is publicly available about that business, and we may contact the business (for example by email or phone) to show them the sample. We rely on legitimate interests for this business-to-business outreach. A business can ask us at any time to stop contacting them and to delete its data (see section 10).

7. Cookies

Our private demo sites use a single functional cookie to remember that a visitor has entered the correct access code, so they do not have to re-enter it. It is not used for tracking or advertising.

8. How long we keep data

We keep personal data only as long as necessary for the purposes above and to meet legal and accounting obligations. Customer and purchase records are retained for the duration of the subscription and then for 6 years to meet HMRC accounting requirements, after which they are deleted.

Where we hold data about a business we have approached but who has not become a customer, we keep it only for as long as we are actively pursuing that opportunity, and in any event we delete it within 12 months of our last contact, unless the business becomes a customer or asks us to delete it sooner.

9. Security

We use appropriate technical and organisational measures to keep personal data secure, including encryption in transit, access controls, and the use of reputable providers who maintain their own security standards.

10. Your rights

Under UK data protection law you have the right to access, correct, delete, restrict or object to the processing of your personal data, and to data portability. To exercise any of these, email info@reddyapps.co.uk.

We will respond to any such request within one month, and we do not charge a fee for a valid request (except where the law allows, for example where a request is manifestly unfounded or excessive).

You also have the right to object to direct marketing at any time, and, where we rely on your consent, the right to withdraw that consent at any time (withdrawal does not affect processing carried out before you withdrew).

You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk. We would appreciate the opportunity to address any concerns before you contact the ICO - please email us first.

11. Changes

We may update this Policy from time to time. The "Last updated" date shows when it last changed.

Reddy Apps LTD Reddy Apps LTD

A UK-based software development studio building web and mobile products for ambitious businesses.

info@reddyapps.co.uk +44 7368 135687

Pages

  • Home
  • Services
  • Products
  • Contact

Products

  • SingsYourName
  • TidyBookingSoon
  • ♪ o o ♪

© 2026 Reddy Apps LTD. Company No. 16558403. United Kingdom.

Terms Privacy