Privacy Policy
Last updated: April 2026
1. Who we are
CrisisConnect Limited is a private limited company registered in England and Wales (Company No: 17210373). We build and operate the CrisisConnect platform at app.crisisconnect.uk and provide this marketing website at crisisconnect.uk.
For UK GDPR purposes, CrisisConnect Limited is the data controller for data collected through this website. For data processed within the CrisisConnect platform on behalf of subscribing organisations, CrisisConnect Limited acts as a data processor. Contact for data protection: privacy@crisisconnect.uk
2. This website (crisisconnect.uk)
This website collects minimal personal data. We collect information only when you actively provide it through our contact form:
- Name and email address
- Organisation name
- Content of your message
We do not use analytics cookies, tracking pixels, or third-party analytics tools on this website. No cookie consent banner is required.
3. The CrisisConnect platform (app.crisisconnect.uk)
The platform operates under a separate privacy policy available within the application. Subscribing organisations are data controllers for the personal data of their members, volunteers, and clients. CrisisConnect Limited acts as a data processor on their behalf under a Data Processing Agreement.
Platform data is hosted in the United Kingdom and is not transferred outside the UK/EEA.
4. How we use your data
We use contact form data to respond to your enquiry and, where relevant, to follow up about the platform. Our lawful basis is legitimate interests (responding to your enquiry) or pre-contractual steps (if you are enquiring about a subscription).
5. Data sharing
We do not sell your data or share it with third parties for marketing. We use Paddle as our payment processor — Paddle is the Merchant of Record and handles all billing data independently. We may share information with our email service provider (SendGrid) to deliver responses to your enquiries.
6. Retention
Contact enquiries are retained for 2 years. Subscription and billing records are retained for 7 years for legal and tax purposes (managed by Paddle).
7. Your rights
Under UK GDPR you have the right to access, correct, delete, or port your personal data, and to object to or restrict processing. To exercise these rights: privacy@crisisconnect.uk. You may also complain to the ICO at ico.org.uk.
8. Cookies
This website uses no non-essential cookies. The platform uses session cookies for authentication only.
9. Changes
We may update this policy from time to time. The date at the top reflects the last update.