Legal

Privacy Policy

Last updated: 29 May 2026

1. Who We Are

Reg Alerts Pro is operated by Mabe Media Studios Ltd ("we", "our", "us"), a company registered in England and Wales. You can reach our data team at info@regalertspro.com.

2. What Data We Collect

  • Account data: name, work email, job title, and organisation name provided at signup.
  • Usage data: pages visited, features used, search queries, and session timestamps.
  • Communication data: messages sent to support and content submitted through RegBot.
  • Payment data: billing name, address, and payment method (processed by Stripe — we do not store card numbers).
  • Technical data: IP address, browser type, device type, and cookies as described in our Cookie Policy.

3. How We Use Your Data

  • To provide, maintain, and improve the Reg Alerts Pro platform.
  • To send regulatory alert notifications you have opted into.
  • To process payments and manage your subscription.
  • To respond to support requests and queries.
  • To comply with legal and regulatory obligations.
  • To send product updates (you can unsubscribe at any time).

4. Legal Basis for Processing

  • Contract: processing necessary to deliver the service you have subscribed to.
  • Legitimate interests: fraud prevention, security, analytics, and product improvement.
  • Legal obligation: retaining records required by financial and tax regulations.
  • Consent: marketing communications (you may withdraw consent at any time).

5. Data Sharing

We do not sell your personal data. We share it only with trusted processors under strict data processing agreements:

  • Supabase — database and authentication infrastructure.
  • Stripe — payment processing.
  • Resend — transactional email delivery.
  • Vercel — application hosting.
  • Anthropic — AI query processing (where BYOK or hosted AI features are used).

6. International Transfers

Some service providers process data outside the UK and EEA. We rely on UK adequacy decisions, Standard Contractual Clauses (SCCs), or equivalent safeguards.

7. Retention

We retain account data for the duration of your subscription plus 12 months. Audit logs are retained for 7 years. You may request deletion at any time — see Section 9.

8. Security

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). We enforce row-level security at the database layer, regular penetration testing, and need-to-know access controls. We hold ISO 27001-aligned security controls.

9. Your Rights

Under UK GDPR and EU GDPR you have the right to:

  • Access — request a copy of your personal data.
  • Rectification — request correction of inaccurate data.
  • Erasure — request deletion ("right to be forgotten").
  • Restriction — request we limit processing in certain circumstances.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests or direct marketing.
  • Withdraw consent — at any time where processing is consent-based.

Email info@regalertspro.com to exercise any right. We respond within 30 days. You may also lodge a complaint with the UK ICO at ico.org.uk.

10. Cookies

We use cookies as described in our Cookie Policy.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be notified by email or in-app banner at least 14 days before they take effect.

12. Contact

Email info@regalertspro.com or write to: Data Privacy, Reg Alerts Pro, Mabe Media Studios Ltd, United Kingdom.