Effective date: 21 September 2025

DebtRiot Privacy Policy

This Privacy Policy explains how DebtRiot (“DebtRiot”, “we”, “us”) handles your information when you use debtriot.co.uk. DebtRiot is UK-based and aims to comply with UK data protection law (UK GDPR and the Data Protection Act 2018).

1) Who we are (data controller)

DebtRiot
Contact: hello@debtriot.co.uk

2) What we do (and don’t) collect

  • No accounts, no sign-ups. Using our calculators doesn’t require an account.

  • Calculator inputs stay in your browser. Figures you enter (income, essentials, debts, etc.) are processed locally in your browser to generate previews and your PDF plan. We do not receive these inputs on our servers.

  • Local/session storage. We may store your inputs locally in your browser (e.g., localStorage or sessionStorage) so you can complete payment and generate your PDF on the thank-you page. You can clear this any time via your browser settings.

  • Optional contact. If you email us or use the contact form, we process what you send (e.g., name, email, message) so we can reply.

We do not intentionally collect special category data. Please don’t include sensitive information in free-text fields.

3) Payments (Stripe)

We use Stripe to process payments. Stripe acts as a separate controller for card data and may process your name, email, billing details and device information for fraud prevention. DebtRiot does not receive card numbers.
Learn more: stripe.com/privacy

Lawful basis: performance of a contract (providing the purchased PDF plan) and legitimate interests (fraud prevention).

4) Cookies & analytics

  • We do not use advertising pixels or behavioural ad tracking.

  • If we use privacy-preserving analytics, these will not identify you personally or use tracking cookies.

  • If we ever introduce cookies that require consent, we’ll show a clear cookie banner and update this page.

5) Why we use information (lawful bases)

  • Provide the service / PDF plan (performance of a contract).

  • Respond to your messages (legitimate interests).

  • Improve and protect our site (legitimate interests, e.g., security, debugging).

  • Legal or regulatory obligations (where applicable).

6) Data sharing

We don’t sell your data. We may share limited information with service providers who help us run the site (e.g., website hosting, payment processing, email service). They must keep it secure and use it only to provide their services.

7) International transfers

Some providers (e.g., Stripe) may process data outside the UK/EEA. Where that happens, they use appropriate safeguards (such as UK-approved Standard Contractual Clauses).

8) Retention

  • Calculator inputs in your browser: only until you clear them or close the session (depending on your browser and whether localStorage or sessionStorage is used).

  • Support emails / contact form: typically up to 24 months to manage queries and maintain records, unless we need to keep them longer for legal reasons.

9) Your rights (UK residents)

You may have rights to access, correct, delete, restrict or object to processing, and data portability. Because we generally don’t store calculator inputs server-side, many rights won’t apply to those inputs. For contact messages, email hello@debtriot.co.uk.

10) Children

DebtRiot is not directed to children under 13, and we don’t knowingly collect data from children.

11) Security

We use reasonable technical and organisational measures to protect information. No method of transmission or storage is 100% secure.

12) Changes

We may update this notice from time to time. We’ll post the new effective date at the top of this page.

Contact: hello@debtriot.co.uk