Sell for FreeContact UsLog In

Privacy Policy

Last updated: 14 May 2026

This Privacy Policy explains how PROPERTY AUCTIONS IO LTD (“we”, “us”, “our”) collects, uses, stores and protects personal data when you use our website propertyauctions.io (the “Website”).

This policy is written to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

1. Who We Are (Data Controller)

PROPERTY AUCTIONS IO LTD

Craven Court, Glebeland Road, Camberley, Surrey, GU15 3BU, United Kingdom

We are the data controller for the personal data processed through this Website.

We have not appointed a statutory Data Protection Officer as we are not legally required to do so. Responsibility for data protection compliance sits with company management.

2. Applicable Law

We process personal data in accordance with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)

3. Personal Data We Collect

3.1 Data You Provide Directly

Depending on how you use the Website, we may collect:

  • Full name
  • Email address
  • Telephone number
  • Postal address
  • Account login details
  • Enquiry and correspondence data

Where paid services or identity verification are required, we may also collect:

  • Date of birth
  • Identity verification documents (e.g. passport or driving licence)
  • Proof of address

We only collect identity or verification data where it is legally required or necessary for fraud prevention or compliance purposes.

3.2 Payment Data

When you purchase a paid subscription, payments are processed securely by Stripe Payments UK Ltd ("Stripe"). We do not collect, store, or process full payment card details on our servers.

The following information is shared with Stripe to complete your transaction:

  • Name and email address
  • Billing address
  • Transaction amount and subscription plan details
  • Payment method information (e.g., card type, last four digits)

Stripe acts as an independent data controller for the payment data it processes. You should review Stripe's Privacy Policy for details on how they handle your information.

We do not use other payment providers (e.g., PayPal, Square) at this time. If we introduce additional providers, this policy will be updated accordingly.

3.3 Automatically Collected Data

When you use the Website, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referring URLs

This data is collected through cookies and similar technologies (see Section 8).

3.4 Third-Party Account Data

If you choose to register or log in using a third-party service (e.g. Google or Facebook), we may receive limited profile information such as your name and email address in accordance with that provider’s privacy settings.

4. How We Use Your Personal Data

We use personal data for the following purposes:

  • To operate, maintain and improve the Website
  • To create and manage user accounts
  • To respond to enquiries and requests
  • To provide services you request, including paid subscriptions
  • To process payments and prevent fraud
  • To send service-related communications (e.g., subscription confirmations, renewal notices)
  • To send marketing communications where permitted by law
  • To analyse Website usage and performance
  • To comply with legal and regulatory obligations, including tax and accounting record-keeping

5. Legal Bases for Processing

We process personal data under the following legal bases:

  • Contract: where processing is necessary to provide services (including paid subscriptions) or manage accounts
  • Legal obligation: where required by law (e.g., financial or fraud-prevention obligations, tax record-keeping)
  • Legitimate interests: for Website security, service improvement, fraud prevention, and direct marketing to existing customers (balanced against your rights)
  • Consent: for non-essential cookies and direct marketing to new contacts where required

You may withdraw consent at any time where consent is the legal basis.

6. Marketing Communications

We may send marketing communications by email where:

  • You have given consent, or
  • The UK PECR "soft opt-in" applies (existing customers who purchased a subscription or made an enquiry)

You can opt out at any time by:

  • Using the unsubscribe link in emails, or
  • Contacting us directly

7. Sharing Your Personal Data

We may share personal data with:

  • Service providers acting as data processors (hosting, analytics, email delivery)
  • Payment providers – specifically Stripe (as described in Section 3.2). Stripe processes your payment data as an independent controller for fraud prevention, payment processing, and compliance purposes.
  • Professional advisers (legal, accounting)
  • Regulators or authorities where legally required
  • A buyer or successor in the event of a business sale or restructuring

We do not sell personal data.

8. Cookies and Tracking Technologies

We use cookies and similar technologies in accordance with PECR and the UK GDPR.

8.1 Types of Cookies

  • Strictly necessary cookies: required for the Website to function (including essential payment session cookies)
  • Functional cookies: remember user preferences
  • Analytics cookies: help us understand how visitors use the Website

8.2 Analytics Services

We use the following third-party analytics services:

Google Analytics

Google Analytics is a web analytics service provided by Google LLC. It uses cookies and similar technologies to collect information about how users interact with the Website, including pages visited, time spent on pages, and device information.

Google acts as an independent data controller in respect of analytics data it collects. We have configured Google Analytics to use IP anonymisation where available. Data may be transferred outside the UK; where this occurs, appropriate safeguards are used in accordance with UK data protection law.

You can learn more about Google’s data practices and how to opt out by visiting Google’s Privacy Policy: https://policies.google.com/privacy

PostHog

We also use PostHog for product analytics and Website usage analysis. PostHog helps us understand how users interact with features of the Website so we can improve functionality and user experience.

PostHog processes analytics data on our behalf as a data processor, acting only on our instructions. Depending on configuration, PostHog may process data within the UK, EEA, or other jurisdictions using appropriate safeguards.

You can learn more about PostHog’s data practices here: https://posthog.com/privacy

8.3 Consent

  • Analytics cookies are non-essential and are only placed with your consent
  • You can manage or withdraw consent at any time via our cookie banner or browser settings

Further details are available in our separate Cookies Policy.

9. Data Retention

We retain personal data only for as long as necessary:

  • Account data: for the duration of the account plus up to 6 years after closure (for legal and tax purposes)
  • Transaction and subscription data: up to 6 years for legal, accounting, and tax purposes (including payment records)
  • Marketing data: until consent is withdrawn
  • Analytics data: anonymised or deleted within 26 months

10. International Data Transfers

Some service providers (including Stripe and Google) may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • UK adequacy regulations
  • International Data Transfer Agreements (IDTA)
  • UK Addendum to Standard Contractual Clauses

Stripe transfers data in accordance with its Data Processing Agreement, which incorporates UK transfer mechanisms.

11. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent

Requests can be made using the contact details in Section 16.

12. Complaints

You have the right to complain to the UK supervisory authority:

We encourage you to contact us first so we can address your concerns.

13. Children’s Data

The Website is not intended for children under the age of 13, and we do not knowingly collect personal data from children.

14. Security

We implement appropriate technical and organisational measures to protect personal data. However, no system is completely secure.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Material changes (such as new payment providers) will be notified to you by email or via a notice on the Website.

16. Contact Us

If you have any questions about this Privacy Policy or how we handle personal data, please contact us via the Website or at our registered address.

We use cookies to analyze site usage and improve your experience. By continuing to use this site, you agree to our use of cookies.