Privacy Policy

Last updated: 14 December 2025

This Privacy Policy explains how PROPERTY AUCTIONS IO LTD (“we”, “us”, “our”) collects, uses, stores and protects personal data when you use our website propertyauctions.io (the “Website”).

This policy is written to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

1. Who We Are (Data Controller)

PROPERTY AUCTIONS IO LTD Craven Court, Glebeland Road, Camberley, Surrey, GU15 3BU United Kingdom

We are the data controller for the personal data processed through this Website.

• Contact email: [email protected]
• Contact page: https://propertyauctions.io/contact-us

We have not appointed a statutory Data Protection Officer as we are not legally required to do so. Responsibility for data protection compliance sits with company management.

2. Applicable Law

We process personal data in accordance with: - UK General Data Protection Regulation (UK GDPR) - Data Protection Act 2018 - Privacy and Electronic Communications Regulations (PECR)

3. Personal Data We Collect

3.1 Data You Provide Directly

Depending on how you use the Website, we may collect:

• Full name
• Email address
• Telephone number
• Postal address
• Account login details
• Enquiry
• correspondence data

Where paid services or identity verification are required, we may also collect:

• Date of birth
• Identity verification documents (e.g. passport or driving licence)
• Proof of address

We only collect identity or verification data where it is legally required or necessary for fraud prevention or compliance purposes.

3.2 Payment Data

Payments are processed by third-party payment providers. We do not store full payment card details.

Payment providers may include:

• Stripe
• PayPal
• Square

These providers act as independent data controllers for payment processing.

3.3 Automatically Collected Data

When you use the Website, we automatically collect:

• IP address
• Browser type and version
• Device information
• Pages visited and time spent
• Referring URLs

This data is collected through cookies and similar technologies (see Section 8).

3.4 Third-Party Account Data

If you choose to register or log in using a third-party service (e.g. Google or Facebook), we may receive limited profile information such as your name and email address in accordance with that provider’s privacy settings.

4. How We Use Your Personal Data

We use personal data for the following purposes:

• To operate, maintain and improve the Website
• To create and manage user accounts
• To respond to enquiries and requests
• To provide services you request
• To process payments and prevent fraud
• To send service-related communications
• To send marketing communications where permitted by law
• To analyse Website usage and performance
• To comply with legal and regulatory obligations

5. Legal Bases for Processing

We process personal data under the following legal bases:

• Contract: where processing is necessary to provide services or manage accounts
• Legal obligation: where required by law (e.g. financial or fraud-prevention obligations)
• Legitimate interests: for Website security, service improvement and fraud prevention (balanced against your rights)
• Consent: for non-essential cookies and direct marketing where required

You may withdraw consent at any time where consent is the legal basis.

6. Marketing Communications

We may send marketing communications by email where:

• You have given consent, or
• The UK PECR “soft opt-in” applies (existing customers)

You can opt out at any time by: - Using the unsubscribe link in emails, or - Contacting us directly

7. Sharing Your Personal Data

We may share personal data with:

• Service providers acting as data processors (hosting, analytics, email delivery)
• Payment providers
• Professional advisers (legal, accounting)
• Regulators or authorities where legally required
• A buyer or successor in the event of a business sale or restructuring

We do not sell personal data.

8. Cookies and Tracking Technologies

We use cookies and similar technologies in accordance with PECR and the UK GDPR.

8.1 Types of Cookies

• Strictly necessary cookies: required for the Website to function
• Functional cookies: remember user preferences
• Analytics cookies: help us understand how visitors use the Website

8.2 Analytics Services

We use the following third-party analytics services:

Google Analytics

Google Analytics is a web analytics service provided by Google LLC. It uses cookies and similar technologies to collect information about how users interact with the Website, including pages visited, time spent on pages, and device information.

Google acts as an independent data controller in respect of analytics data it collects. We have configured Google Analytics to use IP anonymisation where available. Data may be transferred outside the UK; where this occurs, appropriate safeguards are used in accordance with UK data protection law.

You can learn more about Google’s data practices and how to opt out by visiting Google’s Privacy Policy: https://policies.google.com/privacy

PostHog We also use PostHog for product analytics and Website usage analysis. PostHog helps us understand how users interact with features of the Website so we can improve functionality and user experience.

PostHog processes analytics data on our behalf as a data processor, acting only on our instructions. Depending on configuration, PostHog may process data within the UK, EEA, or other jurisdictions using appropriate safeguards.

You can learn more about PostHog’s data practices here: https://posthog.com/privacy

8.3 Consent

• Analytics cookies are non-essential and are only placed with your consent
• You can manage or withdraw consent at any time via our cookie banner or browser settings

Further details are available in our separate Cookies Policy.

9. Data Retention

We retain personal data only for as long as necessary:

• Account data: for the duration of the account plus up to 6 years
• Transaction data: up to 6 years for legal and tax purposes
• Marketing data: until consent is withdrawn
• Analytics data: anonymised or deleted within 26 months

10. International Data Transfers

Some service providers may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as:

• UK adequacy regulations
• International Data Transfer Agreements (IDTA)
• UK Addendum to Standard Contractual Clauses

11. Your Data Protection Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent

Requests can be made using the contact details above.

12. Complaints

You have the right to complain to the UK supervisory authority:

• Information Commissioner’s Office (ICO)
• Website: https://ico.org.uk

We encourage you to contact us first so we can address your concerns.

13. Children’s Data

The Website is not intended for children under the age of 13, and we do not knowingly collect personal data from children.

14. Security

We implement appropriate technical and organisational measures to protect personal data. However, no system is completely secure.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

16. Contact Us

If you have any questions about this Privacy Policy or how we handle personal data, please contact:

Email: [email protected] Website: https://propertyauctions.io/contact-us