Privacy Policy

Last updated: 20 January 2025

1. Introduction

QuickBrief ("we", "our", or "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our sanctions intelligence platform.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. QuickBrief is the data controller responsible for your personal data.

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, company name, and job title when you register for QuickBrief.
  • Usage Data: Information about how you use our platform, including login times, features accessed, and actions taken.
  • Audit Trail Data: Records of compliance actions taken within the platform for your regulatory requirements.
  • Payment Information: Billing details processed securely through Stripe. We do not store your full card details.
  • Technical Data: IP address, browser type, device information, and cookies for platform functionality.

3. How We Use Your Information

We use your information to:

  • Provide and maintain our sanctions monitoring and briefing services
  • Send you sanctions change alerts and compliance briefs
  • Maintain audit trails for your regulatory compliance
  • Process payments and manage your subscription
  • Respond to your enquiries and provide customer support
  • Improve our platform and develop new features
  • Comply with legal obligations

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to provide our services under your subscription agreement.
  • Legitimate Interests: To improve our services and ensure platform security.
  • Legal Obligation: To comply with applicable laws and regulations.
  • Consent: For marketing communications, which you can withdraw at any time.

5. Data Sharing

We do not sell your personal data. We may share your information with:

  • Service Providers: Third-party providers who assist us in operating our platform (e.g., Clerk for authentication, Stripe for payments, cloud hosting providers).
  • Legal Requirements: When required by law or to protect our rights.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Until you delete your account
  • Audit trail data: 7 years (to support your regulatory requirements)
  • Payment records: 7 years (as required by UK tax law)
  • Marketing preferences: Until you unsubscribe

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data ("right to be forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Request limitation of processing.
  • Objection: Object to processing based on legitimate interests.

To exercise these rights, contact us at support@quickbrief.co.uk.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Employee training on data protection
  • Incident response procedures

9. International Transfers

Your data is primarily processed within the United Kingdom and European Economic Area. Where we transfer data outside these regions, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office.

10. Cookies

We use essential cookies to ensure our platform functions correctly. These include authentication cookies and security tokens. We do not use tracking or advertising cookies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our platform. The "Last updated" date at the top indicates when the policy was last revised.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.