53degrees
Topography
Legal

Privacy Policy

This policy explains how 53 Degrees App LTD (“53°”, “we”, “us”, “our”) collects, uses, and protects your personal data when you use our website and our software-as-a-service platform (the “Service”). We’ve kept it clear and concise.

Last updated: 25 September 2025 | Legal entity: 53 Degrees App LTD (UK) | Contact: support@53degrees.app | Governing data laws: UK GDPR and Data Protection Act 2018

1) Who this policy applies to

  • Website visitors


  • Account holders and users of the Service


  • Your customers and contacts whose data you upload to the Service (“Customer Data”)

For Customer Data, you (the business using 53°) are the “controller” and we are your “processor.”

2) The data we collect

  • Data you provide to us:

  • Account data: name, email, password, role, organisation details, billing contacts

  • Billing data: address, VAT number, plan, payment method info (tokenised via our payment processor)

  • Communications: support requests, feedback, survey responses

  • Data we collect automatically:

    • Usage and device data: IP address, browser, device type, pages viewed, actions in-app, crash logs

    • Cookies and similar tech: for sign-in, preferences, analytics, and improving the Service

  • Data you upload (“Customer Data”):

    • Contacts, leads, proposals, bookings, schedules, notes, files and other information you choose to store in the Service. This may include personal data about your customers and team members.

We do not intentionally collect Special Category Data. If you choose to store it, you must have a lawful basis and appropriate safeguards.

3) How we use your data

  • To provide and secure the Service:

    • Create and manage accounts, authenticate users, provide features, maintain security, prevent abuse

  • To bill and administer:

    • Process subscriptions, invoices, and payments; send service and billing communications

    • To improve the Service:

    • Monitor usage trends, fix bugs, develop new features, run analytics and A/B tests.

  • To support you:

    • Respond to queries, provide help, and communicate service updates

  • To meet legal obligations:

    • Maintain records, comply with tax, accounting, and regulatory requirements

  • Marketing (optional):

    • With your consent or where permitted, send product updates, tips, and offers. You can unsubscribe at any time.

Lawful bases under UK GDPR include performance of a contract, legitimate interests (e.g., service improvement, security), consent (for certain marketing/cookies), and legal obligation.

4) Cookies and analytics

  • Essential cookies: required for login, security, and core functionality.

  • Analytics cookies: help us understand usage and improve the Service.

  • Marketing cookies (if used): for measuring campaigns.

You can control non-essential cookies via our cookie banner or your browser settings. Blocking some cookies may affect functionality.

5) Payment processing

We use a third-party payment processor to handle card payments. We do not store full card numbers. The processor stores and processes payment data in accordance with PCI DSS.

6) Sharing your data

We share data only as needed to run the Service, or when required by law.

  • Sub-processors: hosting, email delivery, analytics, customer support tools, error monitoring, and payment processing. They act on our instructions and are bound by confidentiality and data protection obligations.

  • Professional services: lawyers, accountants, insurers (for compliance and governance).

  • Legal: if required by law or to protect rights, safety, or prevent fraud/abuse.

  • Business transfers: if we undergo a merger, acquisition, or similar, we may transfer data to the new entity with appropriate safeguards.

A current list of sub‑processors is available on request. We will notify you of material changes where required.

7) International data transfers

Your data may be processed outside the UK. When we transfer personal data internationally, we use lawful safeguards such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, plus additional measures where appropriate.

8) Data retention

  • Account and billing data: kept for the life of your account and then as needed for legal/accounting purposes (typically up to 7 years in the UK).

  • Customer Data: stored while your account is active. After termination, we delete or return it on request within 30 days, unless we must keep it by law or for legitimate security/backup reasons for a limited time.

  • Support communications and logs: retained for a reasonable period to help with troubleshooting and compliance.

We aim to minimise retention and delete or anonymise data when no longer needed.

9) Security

We use appropriate technical and organisational measures to protect personal data, including:

  • Encryption in transit, logical segregation, role-based access, least-privilege controls

  • Regular backups, monitoring, and vulnerability management

  • Staff confidentiality obligations and access controls

No system is perfectly secure. If we become aware of a personal data breach likely to result in a risk to individuals, we will notify you without undue delay and cooperate as required by law.

10) Your rights (UK GDPR)

You have rights over your personal data, including:

  • Access: request a copy of your data we hold

  • Correction: ask us to fix inaccurate data

  • Deletion: request deletion in certain cases

  • Restriction and objection: limit or object to processing in certain cases

  • Portability: receive your data in a portable format where applicable

  • Withdraw consent: where processing is based on consent

For Customer Data where we act as processor, please contact the controller (the 53° customer organisation). We will assist them in responding to your request.

To exercise your rights, email support@53degrees.app. We may need to verify your identity. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, though we’d appreciate the chance to resolve your concerns first.

11) Children

Our Service is not directed to children under 16. Do not use the Service or provide personal data if you are under 16.

12) Marketing preferences

You can unsubscribe from marketing emails via the link in the message or by contacting us. We may still send essential service, security, or billing messages.

13) Controller/processor details for Customer Data

  • You (the 53° customer) are the controller of Customer Data stored in your account.

  • 53 Degrees App LTD is the processor and will:

    • act only on your documented instructions;

    • implement appropriate security measures;

    • ensure staff confidentiality;

    • assist with data subject requests and breach notifications;

    use approved sub‑processors and remain responsible for them;

- support audits/assessments where reasonable; and

- delete or return personal data at the end of the services (subject to legal retention).

If you need a signed Data Processing Addendum (DPA), email support@53degrees.app.

14) How we communicate with you

We may contact you by email or in‑app notifications for service notices, updates, and support. Support response time target is within 48 hours on business days (UK time).

15) Changes to this policy

We may update this policy from time to time to reflect changes in law or our Service. We will post the new version and update the “Last updated” date. For material changes, we will give reasonable notice. If you continue to use the Service after changes take effect, you agree to the updated policy.

16) Contact us

  • Email: support@53degrees.app

  • Company: 53 Degrees App LTD

  • Registered address: 18 Hanover Square, Leeds, West Yorkshire LS31AP

  • Company number: 16727854