Privacy Policy

What Personal Data We Collect

Website Visitors

When visiting our website we may collect:

  • IP address
  • Browser type
  • Device information
  • Usage and analytics information
  • Cookies and similar technologies

This information is collected through Google Analytics and similar website monitoring tools.

Account Holders

When registering for a Daybook account we may collect:

  • First name
  • Last name
  • Username
  • Email address
  • Phone number
  • Login activity
  • Ip address
  • Security and audit logs

Company Information

When creating a company account we may collect:

  • Company name
  • Company address
  • Company contact information
  • Company users and permissions

Customer Data Stored in Daybook

Daybook stores business information entered by customers, including but not limited to:

  • Jobs
  • Invoices
  • Customer records
  • Operational data
  • Documents uploaded by customers

For this information:

  • The customer company acts as the Data Controller
  • Descod Ltd acts as a Data Processor
  • We do not use customer data for marketing, advertising, profiling or any purpose unrelated to providing the service

Why We Collect Data

We collect information to:

  • Provide access to the platform
  • Authenticate users
  • Protect accounts from unauthorized access
  • Maintain platform security
  • Monitor service performance
  • Provide customer support
  • Meet legal obligations
  • Improve website and service functionality

Legal Basis for Processing

Since you are UK-based:

Contract

  • To provide the Daybook service.

Legitimate Interests

To:

  • Secure the platform
  • Detect fraud
  • Monitor performance
  • Improve services

Legal Obligations

Where required by UK law.

Consent

For non-essential cookies and analytics where applicable.

Who We Share Data With

We do not sell customer data.

Data may be shared with service providers that support the operation of Daybook, including:

  • Microsoft Azure (hosting and infrastructure)
  • Mailgun (email delivery)
  • Google Analytics (website analytics)
  • Cloudflare (security and content delivery)

These providers only process data as necessary to provide their services.

International Transfers

Daybook services are hosted in the United Kingdom using Microsoft Azure UK regions.

Some service providers may process limited data outside the UK. Where this occurs, appropriate safeguards are implemented in accordance with UK GDPR requirements.

Data Retention

Account information and customer data are retained while an account remains active.

Following account closure, data may be retained for up to three years unless:

  • The customer requests earlier deletion;
  • Retention is required by law; or
  • Retention is necessary for security, audit or dispute resolution purposes.

User Rights

Users may request:

  • Access to personal information
  • Correction of inaccurate information
  • Deletion of personal information
  • Restriction of processing
  • Data portability
  • Objection to processing where applicable

Requests can be sent to:

[email protected]