logo

Log in

menu-hamburger

Privacy policy

Last updated: February 2026

This Privacy Policy applies to https://validare.co/ (the "Website") operated by SOFTRELIC SYSTEMS LTD ("Company", "we", "us", or "our").

We are committed to protecting personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (EU GDPR).

By using the Website, you agree to the practices described in this Privacy Policy.

1. Company Information (Data Controller)

SOFTRELIC SYSTEMS LTD
Company Number: 17048368
Registered Office: Suite 12, 2nd Floor, Queens House, 180 Tottenham Court Road, London, W1T 7PD
Contact Email: [email protected]

For the purposes of applicable data protection laws, SOFTRELIC SYSTEMS LTD acts as the data controller in relation to personal data processed via the Website and associated services.

2. Scope of This Policy

This Privacy Policy applies to personal data collected:

  • Through the Website
  • When creating and managing user accounts
  • When communicating with us
  • Through cookies and similar technologies
  • In connection with service provision

3. Personal Data We Collect

3.1 Information Provided by You

We may collect:

  • Full name
  • Company or business details (where applicable)
  • Email address
  • Contact details
  • Account credentials (stored securely in encrypted/hashed form)
  • Communications and support enquiries

You are responsible for ensuring that the information you provide is accurate and up to date.

3.2 Automatically Collected Information

When you access the Website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device identifiers
  • Operating system
  • Log files and timestamps
  • Usage data and interaction history
  • Approximate location data (derived from IP)

This information is used for security, analytics, and service improvement.

3.3 Payment Information (If Applicable)

If payments are available via the Website:

  • Card payments are processed by PCI-DSS compliant third-party payment service providers.
  • We do not store full card numbers, CVV codes, or sensitive authentication data.
  • Payment data is transmitted via encrypted SSL/TLS connections.
  • We may receive limited transaction data (e.g., payment status, transaction ID, masked card details).

The Company does not hold client funds.

4. Lawful Basis for Processing

We process personal data on the following legal bases:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate business interests (including fraud prevention and platform security)
  • Consent (where required)

Where processing is based on legitimate interests, we ensure such interests do not override your fundamental rights and freedoms.

5. How We Use Personal Data

We use personal data to:

  • Provide and operate our services
  • Manage user accounts
  • Respond to enquiries and provide support
  • Maintain platform security
  • Prevent fraud, misuse, and unauthorised access
  • Improve performance and functionality
  • Comply with regulatory and legal requirements
  • Defend legal claims or disputes

We do not sell personal data to third parties.

6. Fraud Prevention & Regulatory Cooperation

To protect the integrity of our platform and comply with applicable legal and financial obligations, we may:

  • Monitor activity for fraud indicators
  • Retain logs for security and audit purposes
  • Share necessary information with payment processors
  • Cooperate with acquiring banks and card schemes (including Visa and Mastercard) in connection with chargebacks, disputes, or fraud investigations
  • Disclose information where required by law or regulatory authorities

7. Sharing of Personal Data

We may share personal data with:

  • Cloud hosting providers
  • IT infrastructure and security providers
  • Payment service providers (where applicable)
  • Professional advisers (legal, compliance, accounting)
  • Law enforcement or regulatory authorities
  • Acquiring banks and card networks where required

All third-party processors are contractually bound to process data in accordance with applicable data protection laws.

8. International Transfers

Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreement (IDTA)
  • Standard Contractual Clauses (SCCs)
  • Transfers to jurisdictions with adequacy decisions

9. Data Retention

We retain personal data only for as long as necessary for:

  • Service provision
  • Legal and regulatory compliance
  • Fraud prevention
  • Accounting and audit requirements
  • Dispute and chargeback handling

Retention periods may extend up to six (6) years where required by law or compliance standards. When no longer required, data is securely deleted or anonymised.

10. Data Security

We implement appropriate technical and organisational measures, including:

  • Encryption in transit (TLS/SSL)
  • Role-based access controls
  • Secure hosting infrastructure
  • Logging and monitoring systems
  • Regular security assessments

While we take reasonable steps to protect personal data, no system can guarantee absolute security.

11. Data Breach Procedures

In the event of a personal data breach:

  • We will assess the incident without undue delay
  • Notify the UK Information Commissioner's Office (ICO) where required
  • Inform affected individuals where legally required

12. Your Rights

Under applicable data protection laws, you may have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Request erasure (where applicable)
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent (where applicable)

To exercise your rights, contact: [email protected]

We may request identity verification before fulfilling requests.

13. Cookies

We use cookies and similar technologies for:

  • Essential functionality
  • Security
  • Analytics (if enabled)

You may adjust browser settings to manage cookies.

14. Children

The Website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version becomes effective upon publication on the Website.

16. Contact

If you have questions regarding this Privacy Policy, please contact:

SOFTRELIC SYSTEMS LTD
Suite 12, 2nd Floor, Queens House
180 Tottenham Court Road
London, W1T 7PD
Email: [email protected]