Legal

Privacy Policy

Last updated: April 2026  ·  Version 1.0  ·  Questions? hello@beswitchready.co.uk

1. Who We Are

BeSwitchReady is the data controller for the personal data you provide when using our service. We process all data in accordance with UK GDPR and the Data Protection Act 2018. We are registered with the Information Commissioner's Office (ICO) — registration number: ZC132528.

Data controller contact: hello@beswitchready.co.uk  ·  beswitchready.co.uk

2. What Data We Collect

2.1 Data you provide directly

• Full name
• Email address
• Bank account details — sort code and account number (provided to GoCardless only, not stored by BeSwitchReady directly)
• Payment card details (provided to Stripe only — not stored by BeSwitchReady directly)

2.2 Data collected automatically

• IP address and approximate location
• Browser type and device information
• Pages visited and time spent on our website
• Cookie data — see Section 7

2.3 Data from third parties

• Stripe — subscription status, payment success/failure, customer reference
• GoCardless — mandate status, payment confirmation, mandate reference numbers

3. How We Use Your Data

• To create and manage your subscription — legal basis: contract performance
• To set up and maintain your GoCardless Direct Debit mandates — legal basis: contract performance
• To process your Stripe subscription payments — legal basis: contract performance
• To send service emails including setup confirmation and switching guides — legal basis: contract performance
• To send marketing emails about new bank switching offers — legal basis: legitimate interest. You can opt out at any time.
• To improve our website and service — legal basis: legitimate interest
• To comply with legal obligations — legal basis: legal obligation

4. Who We Share Your Data With

GoCardless Ltd

GoCardless processes your Direct Debit mandates. They are authorised and regulated by the Financial Conduct Authority (FCA Reference 597190). GoCardless Privacy Policy →

Stripe Inc

Stripe processes your subscription payments. They are PCI-DSS Level 1 certified. Stripe Privacy Policy →

Email service provider

We use MailerLite to send service and marketing emails. They receive your name and email address only.

Legal requirements

We may disclose your data if required to do so by law, court order, or regulatory authority.

5. Data Retention

• Account and subscription data — duration of subscription plus 6 years (HMRC requirement)
• Payment records — 6 years
• Email communication records — 2 years after last interaction
• Website analytics — 14 months

6. Your Rights Under UK GDPR

To exercise any of these rights, email hello@beswitchready.co.uk. We will respond within 30 days.

7. Cookies

Our website uses cookies to remember your preferences, analyse traffic, and support Stripe and GoCardless payment flows. When you first visit, we ask for your consent via our cookie banner. You can control cookies through your browser settings at any time.

8. Data Security

• HTTPS encryption on all pages
• PCI-DSS compliant payment processing via Stripe and GoCardless — we never store card numbers or full bank details ourselves
• Access controls limiting who can access customer data

9. International Transfers

Stripe Inc is US-based. Your payment data may be transferred to and processed in the United States. Stripe maintains Standard Contractual Clauses and appropriate UK GDPR safeguards. GoCardless operates primarily within the UK and EEA.

10. Children's Privacy

BeSwitchReady is not intended for anyone under 18. We do not knowingly collect data from children. If you believe we hold data about a child, contact us immediately at hello@beswitchready.co.uk.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 14 days before they take effect.

12. Contact & Complaints

• Email: hello@beswitchready.co.uk
• ICO (complaints): ico.org.uk or 0303 123 1113