This Privacy Policy explains how Roman Repairs ("we", "us", or "our") collects, uses, stores, and protects personal data when you visit our website, create an account, or use our repair-shop management dashboard (the "Service"). We are committed to handling your information lawfully, transparently, and only for the purposes described below. For the purposes of UK data protection law, including the UK GDPR and the Data Protection Act 2018, Roman Repairs is the data controller for the account information you provide to us, and a data processor for the customer and repair records you store inside the Service.
Information we collect
We collect information you give us directly, such as your name, business name, email address, and the login credentials used to access your account. When you use the Service we also process the operational data you enter — repair tickets, invoices, parts inventory, and customer contact details — on your behalf. In addition, we automatically collect limited technical data, including your IP address, browser type, device information, and basic usage analytics, to keep the Service secure and reliable.
How we use your information
We use your data to provide and maintain the Service, authenticate your sign-in, process subscription payments, respond to support requests, detect and prevent fraud or abuse, and improve the product. We rely on the following legal bases: performance of our contract with you, our legitimate interests in operating a secure and effective Service, your consent where required, and compliance with our legal obligations. We do not sell your personal data, and we do not use your customers' data for our own marketing.
Sharing and sub-processors
We share data only with trusted service providers who help us run the Service — for example, hosting, payment processing, and email delivery — and only to the extent needed to perform those functions. These providers are bound by contractual obligations to protect your data. We may also disclose information where required by law or to protect our legal rights. Where data is transferred outside the UK or EEA, we use appropriate safeguards such as the UK International Data Transfer Agreement or equivalent standard contractual clauses.
Data retention and security
We keep personal data only for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Each shop's data is logically separated from every other tenant, encrypted in transit, and protected by access controls and short-lived authenticated sessions. When data is no longer required, we delete or anonymise it securely.
Cookies
We use a small number of cookies and similar technologies that are strictly necessary to keep you signed in and to keep the Service secure. We do not use advertising cookies. You can control cookies through your browser settings, though disabling essential cookies may prevent you from signing in.
Your rights
Under UK GDPR you have the right to access, correct, or delete your personal data; to restrict or object to certain processing; to data portability; and to withdraw consent at any time. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO). To exercise any of these rights, contact us using the details below and we will respond within the timeframes required by law.
Changes and contact
We may update this policy from time to time and will revise the "Last updated" date above when we do. If we make material changes we will take reasonable steps to notify you. If you have any questions about this policy or how we handle your data, please email us at hello@romanrepairs.online.