Our Commitment to Your Privacy
We do not permanently store your bank statements. Uploaded files are automatically deleted within 24 hours. We never share, sell, or transfer your financial documents to third parties.
1. Introduction
Welcome to UK Statement Converter, operated by ExactSum ("Company", "we", "our", "us"). We are committed to protecting your privacy and handling your data with transparency and care.
This Privacy Policy explains how we collect, use, and protect your information when you use our website at ukstatementconverter.co.uk (the "Service").
By using our Service, you agree to the collection and use of information in accordance with this policy. We are registered and operate under the laws of England and Wales, and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
Account Information
When you register for an account, we may collect:
- Name
- Email address
- Company name (optional)
- Payment information (processed securely by Stripe)
Uploaded Documents
When you use our conversion service, you upload bank statement PDF files. These documents:
- Are processed on secure UK/EU servers
- Are stored temporarily for a maximum of 24 hours to allow you to download your converted files
- Are automatically and permanently deleted after 24 hours
- Are never shared with, sold to, or accessed by third parties
- Are never used for training AI models or any other purpose beyond providing the conversion service
Technical Information
We automatically collect certain technical information when you visit our website:
- IP address
- Browser type and version
- Pages visited and time spent
- Referring website
- Device information
3. How We Use Your Information
We use the information we collect to:
- Provide and operate the conversion service
- Process payments and manage subscriptions
- Send service-related communications (account confirmations, usage alerts)
- Respond to support requests
- Improve and optimise our Service
- Detect and prevent fraud or abuse
- Comply with legal obligations
We do not use your information for marketing purposes without your explicit consent.
4. Data Retention
Bank Statements & Converted Files
Uploaded bank statements and resulting converted files (Excel/CSV) are retained for 24 hours only. After this period, they are automatically and permanently deleted from our servers. We have no ability to recover deleted files.
Account Data
Your account information is retained for as long as your account remains active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.
Payment Records
We retain payment records for 7 years as required by UK tax law. These records are stored securely by our payment processor (Stripe) and contain only transaction details, not your full payment card information.
5. Data Security
We implement robust security measures to protect your data:
- Encryption in transit: All data transfers use TLS 1.3 (256-bit encryption)
- Encryption at rest: Stored files are encrypted using AES-256
- Secure infrastructure: Our servers are hosted in UK/EU data centres with ISO 27001 certification
- Access controls: Strict internal access policies limit who can access systems
- Regular audits: We conduct regular security assessments
6. Data Sharing
We do not sell, rent, or trade your personal information. We only share data with:
- Payment processors: Stripe processes payments securely. See Stripe's Privacy Policy.
- Cloud infrastructure providers: For hosting our service (data remains in UK/EU)
- Legal authorities: If required by law or to protect our legal rights
Your uploaded bank statements are never shared with any third party under any circumstances.
7. Your Rights Under UK GDPR
As a UK/EU resident, you have the following rights regarding your personal data:
- Right of access: Request a copy of the personal data we hold about you
- Right to rectification: Request correction of inaccurate data
- Right to erasure: Request deletion of your personal data
- Right to restrict processing: Request that we limit how we use your data
- Right to data portability: Request your data in a machine-readable format
- Right to object: Object to processing of your personal data
- Right to withdraw consent: Withdraw consent at any time where we rely on consent
To exercise any of these rights, please contact us at privacy@ukstatementconverter.co.uk. We will respond within 30 days.
8. Cookies
We use essential cookies to:
- Keep you logged into your account
- Remember your preferences
- Ensure the security of our Service
We use analytics cookies (with your consent) to understand how visitors use our website. You can manage cookie preferences through your browser settings.
9. Children's Privacy
Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.
10. International Transfers
Your data is processed and stored within the UK and European Economic Area (EEA). We do not transfer your personal data outside of these regions.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this page periodically.
12. Complaints
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
ExactSum
Email: privacy@ukstatementconverter.co.uk
Website: ukstatementconverter.co.uk