RRA Compliance Hub

Privacy Policy

Last updated: 25 March 2026

ICO Registration: C1894526

RRA Compliance Hub is operated by Steadfast Software (sole trader). This policy explains how we collect, use, and protect your personal data when you use our website and services.

Contact us at [email protected] with any questions about this policy.

What data we collect

Free compliance checker (no account required)

  • Property postcode (to determine jurisdiction)
  • Your answers to compliance questions
  • Email address (only if you choose to receive your results by email)

Pro subscription (account required)

  • Name and email address
  • Property details you add to your dashboard (address, tenancy type, certificate dates)
  • Subscription status and billing history

Analytics

  • Anonymous usage data (pages visited, features used, browser type)
  • Collected via PostHog for service improvement only
  • No data is shared with advertisers or third parties

Payment processing

All payments are processed securely by Stripe. We never see, store, or have access to your full card details. Stripe handles your payment information in accordance with PCI DSS standards. You can review Stripe's privacy policy at stripe.com/gb/privacy.

Data storage and security

Your data is stored on servers located within the UK and European Economic Area (EEA). We use industry-standard security measures including encryption in transit (TLS) and at rest to protect your information.

Cookies

We use essential cookies to keep you signed in and maintain your session. We also use PostHog, a privacy-focused analytics tool, to understand how visitors use our site. PostHog helps us improve the service by tracking anonymous usage data such as page views and feature usage. No advertising or marketing cookies are used. You can learn more about PostHog's privacy practices at posthog.com/privacy.

Data retention

If you cancel your Pro subscription, we retain your account data for 12 months after cancellation. After this period, your data is permanently deleted. You may request earlier deletion at any time (see your rights below).

Your rights under UK GDPR

Under the UK General Data Protection Regulation, you have the following rights:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure — ask us to delete your personal data.
  • Right to data portability — request your data in a structured, machine-readable format.
  • Right to object — object to us processing your data in certain circumstances.
  • Right to restrict processing — ask us to limit how we use your data.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

Complaints

If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Changes to this policy

We may update this policy from time to time. We will notify Pro subscribers of material changes by email. The “last updated” date at the top of this page will always reflect the most recent version.

← Back to home