Your privacy matters to us. This policy explains what personal data we collect, why we collect it, how we use it, and what rights you have. We will never sell your data to third parties. If you have any questions, email us at jack@beforeyouoffer.com.
Contents
1. Who We Are
Before You Offer Ltd is the data controller responsible for your personal data. We are a company registered in England and Wales.
Contact: jack@beforeyouoffer.com
Website: beforeyouoffer.com
We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. What Data We Collect
Data you provide directly
| Data | Why we collect it |
|---|---|
| Email address | To deliver your report and send order confirmation |
| Property listing URL | To generate your renovation cost report |
| Payment information | Processed securely by Stripe — we never see or store your card details |
Data we collect automatically
| Data | Why we collect it |
|---|---|
| IP address | Security, fraud prevention and approximate location for regional pricing |
| Browser and device type | To ensure the site works correctly on your device |
| Pages visited and time spent | Analytics to help us improve the site (only with your consent) |
| Referral source | To understand how people find us (only with your consent) |
| Session recordings and heatmaps | To understand how people use the site and improve the experience (only with your consent) |
Data from third-party services
When you complete a payment, Stripe may share with us your payment status and the email address used at checkout. We do not receive your full card details at any point.
3. How We Use Your Data
We use your personal data for the following purposes:
- To fulfil your order — generating and delivering your renovation cost report
- To send transactional emails — order confirmation and report delivery
- To process payments — securely via Stripe
- To prevent fraud — detecting and preventing fraudulent orders
- To improve our service — using anonymised analytics data to understand how the site is used
- To comply with legal obligations — keeping records as required by law
We will never use your email address for marketing purposes without your explicit consent.
4. Legal Basis for Processing
Under UK GDPR we must have a legal basis for processing your personal data. We rely on the following:
- Contract — processing your email and listing URL is necessary to fulfil your order
- Legitimate interests — fraud prevention and basic security logging
- Consent — analytics cookies and session recording (you can withdraw consent at any time via our cookie settings)
- Legal obligation — retaining financial records as required by HMRC
5. Third Parties We Share Data With
We only share your data with third parties where necessary to provide our service. We never sell your data.
| Service | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Email address, payment details |
| SendGrid | Email delivery | Email address, report PDF |
| Anthropic | Report generation (AI analysis) | Property listing data and photos (no personal data) |
| Railway | Website hosting | Server logs including IP addresses |
| Google Analytics | Website analytics (with consent) | Anonymised usage data |
| Microsoft Clarity | Session recording and heatmaps (with consent) | Anonymised interaction data |
All third-party services we use are either based in the UK/EEA or operate under appropriate data transfer safeguards.
6. Cookies and Tracking
Cookies are small text files stored on your device when you visit a website. We use the following types of cookies:
Essential cookies
These are necessary for the website to function and cannot be switched off.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
__stripe_mid |
Stripe | Fraud prevention during checkout | 1 year |
__stripe_sid |
Stripe | Session management during checkout | 30 minutes |
Analytics cookies (with consent only)
These help us understand how people use our site. They are only set if you accept cookies.
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
_ga, _ga_* |
Google Analytics | Counts visits and tracks how people use the site | 2 years |
_clck, _clsk |
Microsoft Clarity | Session recording and heatmaps | 1 year |
You can change your cookie preferences at any time by clicking the Cookie Settings link in the footer of our website. You can also control cookies through your browser settings — see your browser's help documentation for guidance.
7. How Long We Keep Your Data
| Data | Retention period | Reason |
|---|---|---|
| Email address and order details | 7 years | HMRC financial record keeping requirements |
| Generated reports | 90 days | To allow re-delivery if email fails |
| Property listing URL | 90 days | For order fulfilment and support |
| Analytics data | 26 months | Google Analytics default retention |
| Server logs | 30 days | Security and fraud prevention |
8. Your Rights
Under UK GDPR you have the following rights regarding your personal data:
- Right of access — you can request a copy of the personal data we hold about you
- Right to rectification — you can ask us to correct inaccurate data
- Right to erasure — you can ask us to delete your data (subject to legal retention requirements)
- Right to restrict processing — you can ask us to limit how we use your data
- Right to data portability — you can request your data in a machine-readable format
- Right to object — you can object to processing based on legitimate interests
- Right to withdraw consent — you can withdraw consent for analytics cookies at any time
To exercise any of these rights, email us at jack@beforeyouoffer.com. We will respond within 30 days.
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
9. Data Security
We take data security seriously and implement appropriate technical and organisational measures to protect your personal data, including:
- All data transmitted between your browser and our server is encrypted using HTTPS/TLS
- Payment data is handled entirely by Stripe and never passes through our servers in full
- Access to our systems is restricted to authorised personnel only
- We regularly review our security practices
In the event of a data breach that is likely to affect your rights and freedoms, we will notify you and the ICO within 72 hours of becoming aware of it.
10. International Data Transfers
Some of our third-party service providers are based outside the UK. Where data is transferred internationally, we ensure appropriate safeguards are in place:
- Stripe — operates under UK GDPR adequacy decisions and Standard Contractual Clauses
- SendGrid — operates under Standard Contractual Clauses
- Anthropic — based in the USA, we only share property listing data (not personal data) for report generation
- Google Analytics — operates under Standard Contractual Clauses with data anonymisation
- Microsoft Clarity — operates under Standard Contractual Clauses
11. Children's Privacy
Our service is not directed at children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at jack@beforeyouoffer.com and we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Your continued use of our service after any changes constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
- Email: jack@beforeyouoffer.com
- Website: beforeyouoffer.com
We aim to respond to all privacy enquiries within 5 business days.
You also have the right to complain to the Information Commissioner's Office (ICO) if you are unhappy with how we have handled your data:
- Website: ico.org.uk
- Phone: 0303 123 1113