Privacy Policy

1. Scope and controller information

This policy applies to RAMS Builder websites, products, and services. For data protection purposes, the controller for personal data processed through this service is the RAMS Builder business identified in our contact section below.

2. Data we collect

We may collect the following categories of data:

• Account and profile data (such as name, email address, and organisation details).
• Service data you provide when creating and managing RAMS documentation, attachments, and related records.
• Transaction and billing data needed to manage subscriptions, invoicing, and account administration.
• Technical and usage data (for example device/browser information, event telemetry, and diagnostics).
• Communications data when you contact support, sales, or submit enquiries.

3. How we use data and lawful bases (GDPR)

We process personal data to:

• Provide and secure the RAMS Builder service and core product functionality.
• Manage accounts, subscriptions, billing, and customer support.
• Monitor performance, troubleshoot issues, and improve product reliability.
• Communicate service notices, legal updates, and account-related information.
• Comply with legal obligations and enforce applicable terms.

Where UK GDPR or EU GDPR applies, our lawful bases may include performance of a contract, compliance with legal obligations, legitimate interests, and consent (for optional tracking features where required).

4. Cookies and tracking technologies

We use cookies and similar tracking technologies for essential service operation, analytics, and optional advanced behavior analysis.

Product analytics may be enabled by default for service improvement. Optional session-level tracking remains off unless you choose to enable it through the in-app consent controls.

You can manage your tracking preference at consent prompts and by adjusting browser or site storage settings.

5. Sharing data and processors

We use trusted service providers (processors/subprocessors) to help operate the service, including hosting, authentication, analytics, communications, and payment tooling. These providers process data under contractual safeguards and only for authorised purposes.

We do not sell personal information for monetary compensation. We may disclose data where required by law, regulation, legal process, or to protect rights, security, and service integrity.

6. International transfers

Where data is transferred outside the UK, EEA, or your local jurisdiction, we use recognised safeguards as required by applicable law, such as contractual protections and transfer mechanisms designed to protect personal data.

7. Data retention

We retain personal data only for as long as needed for service delivery, security, legitimate business operations, dispute handling, and legal/regulatory obligations. Retention periods vary by data type and purpose.

8. Your rights (UK GDPR / EU GDPR)

Where applicable, you may have rights to:

• Access personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request erasure of personal data in certain circumstances.
• Restrict or object to certain processing activities.
• Request portability of data you provided to us.
• Withdraw consent where processing is based on consent.

9. Your rights (CCPA / CPRA)

California residents may have rights to know, access, correct, delete, and limit certain uses of personal information, subject to applicable exceptions. You may also have rights related to sensitive personal information and non-discrimination for exercising privacy rights.

Where legally required, you may request details about categories of personal information collected, sources, business purposes, and categories of third parties with whom data is shared.

10. How to exercise your rights

To submit a privacy request, contact us using the details below and include enough information for us to verify your request and identity where required. Authorised agents may submit requests where permitted by law.

We respond within the timelines required by applicable law and may request additional information when necessary to verify request authenticity and scope.

11. Policy updates

We may update this policy from time to time. Material changes will be reflected by an updated effective date and, where appropriate, additional notice in-product or via account communications.

12. Contact

For privacy questions or rights requests, email info@100cpr.com.

You can also use our contact page.