Legal
Privacy policy
Last updated 10 July 2026.
Contents
- Who we are
- The two roles we play
- What we collect about you
- What you store in operivo
- Why we use it, and our lawful basis
- Cookies
- Who we share it with
- Where your data goes
- How long we keep it
- How we protect it
- Your rights
- Our terms as your processor
- Children
- Changes
- Contact and complaints
1. Who we are
operivo is provided by [Company name], registered in England and Wales under number [company number], registered office [registered address]. We are registered with the Information Commissioner's Office under number [ICO registration number].
This policy explains what we do with personal data. It applies to the operivo website and to the operivo application.
2. The two roles we play
This is the most important part of this policy, so it comes first.
- We are the controller of your account data. Your name, your email address, your business details, what you do in the app. We decide how that is used, and this policy tells you how.
- We are only a processor of your customers' data. The customer records, jobs, quotes, invoices, photos and notes you put into operivo are yours. You decide what goes in and why. You are the controller of it. We hold it and act on your instructions, which are the instructions you give by using the features of the service. Section 12 sets out the terms of that arrangement.
If you are one of our customers' customers, and you want to know why a plumber or a hairdresser holds your details, ask them, not us. We cannot give you access to another business's records, and we will pass your request to them.
3. What we collect about you
When you open an account
- Your name and email address.
- Your business name, address, phone number, VAT number and company number, if you enter them.
- Your logo and brand colours, if you upload them.
When you use the app
- Sign-in records, including the single-use links we email you and when they were used.
- Session records, so we know you are signed in.
- Technical data, including your IP address, browser type and the pages you request, in our server logs.
- Records of emails we sent on your behalf, so we can tell you whether a reminder went out.
When you subscribe
Paddle collects and processes your payment details. We never see or store your card number. We receive the subscription status, the renewal date, and enough identifiers to match the subscription to your account.
When you contact us
Your email and whatever you tell us in it.
4. What you store in operivo
This is personal data about other people, and you are its controller. It typically includes your customers' names, addresses, email addresses, phone numbers, the work you did for them, what you charged, photographs of the job, and notes you wrote.
Please do not store special category data, such as health information, unless you have a lawful basis for it. operivo is not designed for it.
5. Why we use it, and our lawful basis
| What for | Lawful basis |
|---|---|
| Running the service, signing you in, storing your records | Performance of our contract with you |
| Taking your subscription payment | Performance of our contract with you |
| Sending emails to your customers on your instruction | Our legitimate interest in providing the service you asked for. You are responsible for having a lawful basis to contact them. |
| Keeping the service secure, preventing abuse, rate limiting | Our legitimate interest in protecting the service and its users |
| Answering your support emails | Our legitimate interest in supporting our customers |
| Keeping accounting and tax records | Our legal obligation |
| Telling you about changes to the service you use | Our legitimate interest in keeping customers informed |
| Marketing emails, if we ever send them | Your consent, which you can withdraw at any time |
6. Cookies
We use only strictly necessary cookies. There is no advertising, no tracking, and no analytics on the operivo website or in the app.
- A session cookie, so that you stay signed in. It is deleted when your session ends or you sign out.
- A cookie used to protect against cross-site request forgery, so that a malicious site cannot act as you.
Because these are strictly necessary to provide a service you asked for, we do not need your consent for them, and there is no cookie banner. The theme you pick on this website is stored in your browser's local storage, not in a cookie, and never leaves your device.
7. Who we share it with
We do not sell personal data. We share it only with the providers we need to run the service.
| Provider | What for |
|---|---|
| Paddle | Taking your subscription payment. Paddle is the merchant of record and its own controller for payment data. |
| Stripe | Card payments your customers make to you. You connect your own Stripe account, and the money goes to you, not to us. |
| GoCardless | Bank payments your customers make to you, through your own GoCardless account. |
| [Amazon Web Services] | Sending the emails operivo sends on your behalf. |
| [Hosting provider] | Hosting the application, the database and uploaded files. |
| Serving the typeface used on this website. Your IP address reaches Google when a page loads. [Remove this row if you self-host Inter.] |
PDF invoices are rendered on our own infrastructure. Your documents are not sent to a third party to be turned into PDFs.
We may also disclose personal data if the law requires it, or to establish or defend legal claims. If the business is sold, data may transfer to the buyer, and we will tell you.
8. Where your data goes
Your records are stored in [hosting region, for example the UK or the EU].
Some of the providers above operate outside the UK. Where personal data is transferred out, we rely on the UK's adequacy regulations, or on the International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, together with appropriate safeguards.
9. How long we keep it
- Your account and your records: for as long as your account is open, then [30 days] after it closes, then deleted.
- Backups: overwritten on a rolling cycle, so copies may persist for up to [90 days] after deletion.
- Sign-in links: short lived, and stored hashed rather than in the clear.
- Server logs: [30 days].
- Accounting records: six years, because the law requires it.
You can ask us to delete your data sooner. See section 11.
10. How we protect it
- Every business's data is isolated at the database level, so one account's queries cannot reach another's. We test this automatically.
- Traffic is encrypted in transit with TLS.
- Sign-in and invitation links are stored hashed, so a copy of the database does not let anyone sign in as you.
- The credentials for your connected Stripe and GoCardless accounts are stored encrypted.
- There are no passwords to steal, because there are no passwords.
- Access to production systems is limited to those who need it.
No system is perfectly secure. If a breach affects your rights we will tell the ICO within 72 hours, and tell you without undue delay where we are required to.
11. Your rights
Under UK data protection law you can ask us to:
- give you a copy of the personal data we hold about you;
- correct it if it is wrong;
- delete it;
- restrict or stop how we use it;
- give it to you, or to someone else, in a portable format;
- stop using it where we rely on legitimate interests, and stop any direct marketing at any time.
Email [hello@operivo.com]. We will reply within one month. There is no charge unless a request is excessive.
You do not need to ask us for a copy of your own business records. Export them yourself as CSV, at any time, from inside the app.
12. Our terms as your processor
These terms apply where we process personal data on your behalf, and satisfy Article 28 of the UK GDPR. They form part of our terms of service.
- Subject matter: providing operivo. Duration: while your account is open, plus the retention period in section 9.
- Nature and purpose: storing, organising and transmitting the records you enter, and sending the messages you tell it to send.
- Types of data: contact details, appointment and job records, financial records, photographs, notes.
- Data subjects: your customers, and the people you invite to your account.
- We process personal data only on your documented instructions, which include your use of the service, unless the law requires otherwise.
- Everyone with access is bound by confidentiality.
- We take the security measures in section 10.
- We use the sub-processors in section 7. We will tell you before we add or replace one, and you may object.
- We help you respond to requests from data subjects, and with your obligations on security, breach notification and impact assessments.
- On your instruction we delete or return your personal data at the end of the contract, except where the law requires us to keep it.
- We make available the information needed to show we comply, and allow audits, on reasonable notice and at your cost.
13. Children
operivo is for businesses. It is not directed at children, and we do not knowingly collect data about them. If a child's details appear in your records, for example as a customer, you are the controller of that and responsible for having a lawful basis.
14. Changes
We will update this policy from time to time. The date at the top tells you when it last changed. If a change matters to you, we will email you.
15. Contact and complaints
Email [hello@operivo.com], or write to [registered address].
If you are unhappy with how we have handled your data, please tell us first so we can put it right. You also have the right to complain to the Information Commissioner's Office at ico.org.uk, or on 0303 123 1113.