Replacer Privacy Policy

Last updated: April 14, 2025

Replacer LTD ("Company", "we", "our", "us"), a company operating the website https://www.replacer.com (the "Website") and the related web application available at https://app.replacer.com (the "Application"), collectively referred to as our "Services", is committed to protecting the personal data and safeguarding the privacy of our visitors and contact persons for our customers, suppliers, and other business partners.

If you have any questions or concerns about this privacy policy or our practices regarding your personal information, please refer to the contact us section below.

Personal data refers to any information likely to identify you directly (e.g., your name) or indirectly (e.g., identifiers collected via cookies or your IP address) ("Personal Data").

This privacy policy ("Privacy Policy") explains how we process your Personal Data when you ("you") browse our Website, use our Application, or otherwise interact with our Services. We therefore invite you to read the Privacy Policy carefully.

Information We Collect

We collect personal information in different ways:

1. Personal Information Provided by You:

We collect personal information that you voluntarily provide to us when you register for an account on our Application, express an interest in obtaining information about us or our products and services, when you participate in activities on our Services (like leaving feedback), or otherwise when you contact us. This may include:

  • Name
  • Email address
  • Contact details
  • Questions, queries, or feedback you leave
  • Subscription preferences when you sign up to our email alerts
  • Payment information (processed by our third-party payment processors)
  • Account credentials (stored securely)

2. Information Collected Automatically (Usage Data, Analytics, and Technologies):

When you navigate our Website or use our Application, we automatically collect certain information about your device, Browse actions, and patterns. This information helps us improve our Services and understand how users interact with them. This collection relies on cookies, pixels, local storage, and similar technologies.

  • General Usage Data: Our servers may automatically log standard data provided by your web browser, such as your device’s Internet Protocol (IP) address, browser type and version, the pages you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.
  • Analytics Data: We use third-party analytics services, including Google Analytics and PostHog (primarily on our Website) and Google Analytics (on our Application), to help us understand how users engage with our Services. These services use cookies and similar technologies to collect information such as pages visited, time spent on pages, links clicked, device and browser details, approximate location derived from IP address (we configure IP anonymization where available, such as in Google Analytics), and potentially pseudonymous identifiers. This helps us analyze traffic and improve user experience.
  • Session Replay & Debugging Data (Application Only): On our Application (app.replacer.com), we utilize LogRocket, a service that helps us understand user experience and troubleshoot technical issues. LogRocket may capture recordings of user sessions, which can include interactions like clicks, scrolls, and navigation paths, as well as technical details about the user’s session (browser type, device information, console logs/errors). We configure LogRocket to minimize the capture of sensitive personal data entered into form fields where feasible.
  • Cookies and Similar Technologies: The automatic collection described above utilizes cookies (small text files stored on your device), web beacons (pixels), local storage, and other similar technologies. Some are essential for the Services to function, while others help us with analytics, performance, and potentially advertising (if applicable).

How We Use Your Information

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on different legal bases, including our legitimate business interests, entering into or performing a contract with you, with your consent (particularly for non-essential cookies and direct marketing), and/or for compliance with our legal obligations.

We use the information we collect or receive:

  • To facilitate account creation and the logon process.
  • To send administrative information to you (e.g., service updates, policy changes).
  • To fulfil and manage your orders or service requests.
  • To manage user accounts and provide customer support.
  • To send you marketing and promotional communications (where you have consented or where permitted by law).
  • To deliver targeted advertising (if applicable, based on consent).
  • To post testimonials (with your explicit consent).
  • To request feedback on our Services.
  • To protect our Services (e.g., security monitoring, fraud prevention).
  • To analyze and improve our Website and Services: Understanding user behavior, identifying popular features, optimizing user journeys, and improving overall performance using aggregated or pseudonymized data where possible.
  • To monitor service performance and troubleshoot issues: Identifying bugs, errors, and performance bottlenecks experienced by users (particularly through tools like LogRocket on the Application).
  • To understand product usage: Analyzing how features are used within the Application to inform product development.
  • To enforce our terms, conditions, and policies.
  • To respond to legal requests and prevent harm.

Legal Basis for Processing Personal Data (EEA/UK Focus)

If you are from the European Economic Area (EEA) or the UK, our legal basis for collecting and using your personal information depends on the Personal Data concerned and the specific context:

  • Performance of a Contract: We process data necessary to create and manage your account, provide the core Services you requested, and fulfill orders.
  • Consent: We rely on your consent for sending direct marketing communications (unless soft opt-in applies), posting testimonials, and using non-essential cookies and similar technologies for analytics, session replay, and potentially advertising, typically obtained via our cookie consent banner or subscription forms. You can withdraw consent at any time.
  • Legitimate Interests: We process some technical and usage data for security monitoring, fraud prevention, basic service operation, and initial analytics, provided these interests are not overridden by your data protection rights.
  • Legal Obligation: We may process data to comply with applicable laws, regulations, court orders, or other legal requirements.

Sharing Your Information

We only share and disclose your information in the following situations:

Compliance with Laws:

We may disclose your information where legally required to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes.

Vital Interests and Legal Rights:

We may disclose information where necessary to investigate, prevent, or act regarding potential policy violations, suspected fraud, threats to safety, illegal activities, or as evidence in litigation.

Replacer LTD Internal Services:

Your Personal Data may be accessed by competent internal departments (e.g., sales, marketing, support, engineering) as needed to perform their duties.

Trusted Service Providers:

We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information. This includes providers for hosting, payment processing (we do not store full payment card details), customer support platforms, email delivery, website and application analytics (such as Google, PostHog), and session replay/debugging services (such as LogRocket). We have data processing agreements in place with these providers where required by law. We encourage you to review their privacy policies: [Link to Google Privacy], [Link to PostHog Privacy], [Link to LogRocket Privacy].

Business Transfers:

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

With Your Consent:

We may disclose your personal information for any other purpose with your consent.

International Data Transfers

Your information, including Personal Data, may be transferred to, stored at, and processed by us, our affiliates, and our third-party service providers (as listed above) in countries outside the UK and the EEA, particularly in the United States where many of our service providers, including Google, PostHog, and LogRocket, are based or have operations.

When we transfer your Personal Data outside the UK/EEA, we ensure appropriate safeguards are in place to protect your data to a standard equivalent to that provided within the UK and EEA. This includes relying on:

  • Adequacy decisions issued by the relevant authorities.
  • For transfers to the US, certification under the EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the DPF, where applicable providers are certified.
  • Standard Contractual Clauses (SCCs) approved by relevant authorities, supplemented with additional measures where necessary.

Data Retention

We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected it (as outlined in this policy), including for the purposes of satisfying any legal, accounting, or reporting requirements, or to resolve disputes. The retention period depends on the type of information and the purpose of collection. For details on cookie expiry, please see our [Link to Cookie Policy].

Children’s Privacy Protection

Our Services are not designed for, or intentionally targeted at, children 13 years of age or younger (or equivalent minimum age depending on jurisdiction). We do not knowingly collect or maintain data about anyone under this age. If we become aware that we have collected Personal Data from a child without verification of parental consent, we take steps to remove that information from our servers.

Where Your Data is Processed and Stored

We strive to use systems and providers that store data securely. While we aim to utilize infrastructure within the UK or EEA where feasible, as detailed in the "International Data Transfers" section, data processing by our third-party service providers (including Google, PostHog, LogRocket) may occur globally, including in the United States. We implement technical and organizational measures and rely on appropriate legal mechanisms to safeguard your data wherever it is processed.

How We Protect Your Data and Keep It Secure

We are committed to keeping your data secure. We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process. This includes measures like encryption, access controls, and secure development practices. We also require our third-party service providers to implement appropriate security measures.

However, please remember that no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Your Data Protection Rights (EEA/UK Residents)

If you are a resident of the EEA or UK, you have specific rights under GDPR and the UK Data Protection Act:

Right of access:

Request information about what personal data we hold about you.

Right to rectification:

Request correction of inaccurate or incomplete data.

Right to erasure ("right to be forgotten"):

Request deletion of your data under certain conditions.

Right to restrict processing:

Request limitation of how we process your data under certain conditions.

Right to data portability:

Request a copy of data you provided in a machine-readable format.

Right to object:

Object to processing based on legitimate interests or for direct marketing.

Right to withdraw consent:

Withdraw consent at any time where processing is based on consent (this does not affect past processing). You can manage cookie consent via our [Link to Cookie Policy] or associated settings tool.

Right to opt-out:

Opt-out of marketing communications via unsubscribe links or account settings.

Right to not be subject to automated decision-making:

You have the right not to be subject to decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects, unless certain exceptions apply. While we use analytics tools that may involve profiling, we do not use them for making such significant automated decisions about individuals. You can control profiling related to non-essential cookies via our [Link to Cookie Policy].

Right to file a complaint:

Lodge a complaint with our primary contact (below) or your local supervisory authority. Our lead supervisory authority is the Autoriteit Persoonsgegevens in the Netherlands (https://autoriteitpersoonsgegevens.nl/nl). You can find other authorities here: https://edpb.europa.eu/about-edpb/board/members_en).

To exercise these rights, please contact us using the details below.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will indicate the date it was "Last updated" at the top. We encourage you to review this policy periodically.

Contact Us

If you have any questions, comments, or requests regarding this policy or your Personal Data, you may contact us by email at ed@replacer.com or by post to:

Replacer LTD
45 Queen Street,
Deal,
England,
CT14 6EY