Privacy Policy: Contact Form Checker

1. Who we are

Contact Form Checker is operated by Ocktra.IO Ltd, a company registered in England and Wales. In this policy, "we", "us", and "our" refer to Ocktra.IO Ltd. We are the data controller for the personal data we collect through this service.

2. What data we collect

We collect the following categories of personal data:

Account data: your name, email address, and password (hashed, never stored in plaintext) when you register.
Billing data: payment information is processed by Stripe; we store only a tokenised reference and your billing address.
Usage data: the URLs and form configurations you add, check results, and alert history.
Technical data: IP address, browser type, and access logs for security and debugging purposes.
Communications: any correspondence you send to us.

3. How we use your data

We use your data to:

Provide, operate, and improve the Contact Form Checker service.
Send alerts and notifications you have configured.
Process payments and manage your subscription.
Respond to support requests and enquiries.
Meet our legal and regulatory obligations.
Detect and prevent fraud or abuse.

We will only send you marketing communications if you have opted in, and you can unsubscribe at any time.

4. Legal basis for processing

We process your personal data under the following legal bases:

Contract: processing necessary to deliver the service you have signed up for.
Legitimate interests: security monitoring, fraud prevention, and service improvement.
Legal obligation: where we are required to retain or disclose data by law.
Consent: for marketing communications, where applicable.

5. Data sharing

We do not sell your personal data. We share it only with trusted third-party processors who help us operate the service, including:

Stripe: payment processing.
Cloud infrastructure providers: hosting and storage.
Email delivery providers: sending alerts and transactional emails.

All processors are contractually bound to handle your data securely and only as instructed by us. We may also disclose data where required by law or to protect the rights and safety of our users.

6. Data retention

We retain your account data for as long as your account is active. Check results and audit logs are retained according to your plan (7 days on Starter, 90 days on Pro, unlimited on Agency). When you close your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. Your rights

Under UK GDPR, you have the right to:

Access: request a copy of the personal data we hold about you.
Rectification: ask us to correct inaccurate data.
Erasure: ask us to delete your data in certain circumstances.
Restriction: ask us to limit how we use your data.
Portability: receive your data in a machine-readable format.
Objection: object to processing based on legitimate interests.
Withdraw consent: where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@ocktra.io. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Cookies

We use only essential cookies required for the service to function, including session cookies for authentication. We do not use third-party tracking or advertising cookies.

9. Security

We take reasonable technical and organisational measures to protect your data, including encrypted connections (TLS), hashed passwords (bcrypt), and access controls. No system is completely secure; if you believe your account has been compromised, contact us immediately.

10. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or via a notice in the app. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions, please contact us at:
Ocktra.IO Ltd
Email: privacy@ocktra.io