This Privacy Policy explains how DataShark ("we", "us", "our"), operating at thedatashark.com, collects, uses, stores, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Data Controller: DataShark
Website: thedatashark.com
Contact: hello@thedatashark.com
If you have any questions about how we handle your personal data, please contact us at the email address above.
We collect the following categories of personal data:
| Purpose | Lawful basis |
|---|---|
| Creating and managing your account | Contract (Article 6(1)(b)) |
| Generating your policy documents | Contract (Article 6(1)(b)) |
| Processing payments | Contract (Article 6(1)(b)) |
| Sending transactional emails (document ready, receipts) | Contract (Article 6(1)(b)) |
| Improving our platform and fixing bugs | Legitimate interests (Article 6(1)(f)) |
| Complying with legal obligations | Legal obligation (Article 6(1)(c)) |
We share your data with the following third-party processors who act on our instructions:
| Processor | Purpose | Location |
|---|---|---|
| Paddle.com | Payment processing and tax compliance | UK/US |
| SendGrid (Twilio) | Transactional email delivery | US (SCCs in place) |
| Namecheap | Website hosting and infrastructure | US (SCCs in place) |
We do not sell your personal data to any third parties.
We retain your account data for as long as your account is active. If you close your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or accounting purposes (up to 7 years for financial records).
Generated policy documents are retained and available for download for the period specified at the time of purchase.
Under the UK GDPR, you have the following rights:
To exercise any of these rights, contact us at hello@thedatashark.com. We will respond within one calendar month.
We use strictly necessary cookies to keep you logged in to your account (session cookies). We do not currently use advertising or analytics cookies. You can control cookies through your browser settings.
We implement appropriate technical and organisational measures to protect your data, including HTTPS encryption, password hashing, and access controls. In the event of a data breach that poses a risk to your rights, we will notify the ICO within 72 hours and affected individuals without undue delay.
Some of our processors are based outside the UK. Where we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the ICO.
If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113. We would appreciate the opportunity to address your concerns first — please contact us at hello@thedatashark.com.
We may update this Privacy Policy from time to time. We will notify you of significant changes by email. The current version is always available at thedatashark.com/privacy-policy.