Skip to content

Privacy Policy

Last updated: 6 April 2026

1. Introduction

PriceScope (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website at www.pricescope.cc (“the Site”) and our competitive intelligence reporting service (“the Service”).

This policy applies to the personal data of our customers and website visitors. It does not apply to publicly available commercial product data (such as product names, prices, and stock availability) that we collect from third-party websites, as such data does not constitute personal data within the meaning of the UK GDPR or Data Protection Act 2018.

2. Data Controller

PriceScope is the data controller for the personal data described in this policy. If you have any questions about how we handle your data, please contact us.

3. Personal Data We Collect

We collect the following categories of personal data:

3.1 Data you provide directly

  • Email address — provided at checkout, used solely to deliver your purchased report and any necessary transactional communications
  • Contact form submissions — name, email address, and message content when you contact us via our contact form

3.2 Data collected automatically

  • IP address — collected for rate limiting and fraud prevention purposes only
  • Essential cookies — strictly necessary for the website to function (see our Cookie Policy)

3.3 Data processed by third parties on our behalf

  • Payment information— credit/debit card details are collected and processed entirely by Stripe, our payment processor, in accordance with PCI DSS Level 1 standards. We never receive, access, or store your full card details on our servers.

4. Lawful Basis for Processing

Under the UK GDPR, we process your personal data on the following lawful bases:

  • Contract performance(Article 6(1)(b)) — processing your email address is necessary to deliver the report you have purchased
  • Legitimate interests(Article 6(1)(f)) — processing IP addresses for rate limiting and fraud prevention, and processing contact form submissions to respond to your enquiries

We do not process your personal data for direct marketing, profiling, or automated decision-making purposes.

5. How We Use Your Data

We use the personal data we collect for the following purposes only:

  • To deliver purchased reports via secure download link
  • To send transactional emails relating to your purchase (order confirmation, download link)
  • To respond to enquiries submitted via our contact form
  • To prevent fraud and enforce rate limits on our checkout process
  • To comply with our legal obligations

We do not sell, rent, trade, or share your personal data with any third party for their own marketing or commercial purposes.

6. Data Sharing & Third-Party Processors

We share your personal data only with the following categories of third-party service providers who process data on our behalf and under our instructions:

  • Stripe(payment processing) — processes your payment securely under their own privacy policy and PCI DSS compliance
  • Supabase(database hosting) — hosts our database infrastructure where order records and contact submissions are stored
  • Vercel(website hosting) — hosts our website and may process IP addresses and request metadata as part of standard web serving

All third-party processors are contractually bound to handle your data in accordance with applicable data protection laws and solely for the purposes we specify.

7. Data Retention

We retain your personal data only for as long as necessary:

  • Order records(email, payment reference) — retained for 6 years from the date of purchase to comply with UK tax and accounting obligations
  • Download links — expire automatically after 7 days
  • Contact form submissions— retained for 12 months from submission, then deleted
  • IP address logs— retained for a maximum of 30 days for rate-limiting purposes, then automatically purged

8. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the following rights in respect of your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — request correction of inaccurate personal data
  • Right to erasure— request deletion of your personal data, subject to any legal retention obligations
  • Right to restrict processing — request that we limit how we use your data
  • Right to data portability— request your data in a structured, commonly used, machine-readable format
  • Right to object — object to processing based on legitimate interests

To exercise any of these rights, please contact us. We will respond to your request within one calendar month. There is no fee for making a request unless the request is manifestly unfounded or excessive.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest in our database
  • Use of row-level security policies in our database
  • Strict access controls and principle of least privilege
  • Delegation of payment processing to PCI DSS Level 1 compliant processor (Stripe)

10. International Transfers

Some of our third-party service providers (Stripe, Supabase, Vercel) may process data outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions issued by the UK Secretary of State, to ensure your data is protected to the same standard as within the UK.

11. Children

The Service is intended for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.

12. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Telephone: 0303 123 1113

We would appreciate the opportunity to address your concerns before you contact the ICO, so please contact us first.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the “Last updated” date at the top of this page. We encourage you to review this policy periodically.

14. Contact

For any questions about this Privacy Policy or to exercise your data rights, please contact us.