Legal

Privacy Policy

This page explains what data DataHub Pro collects, why we collect it, where we store it, and what you can do about it.

Last updated: 4 May 2026 Effective: 4 May 2026 Controller: DataHub Pro Ltd, England & Wales

The short version. We store your spreadsheets and account data on UK/EU infrastructure, encrypted in transit and at rest. We never use your data to train AI models, and we never share it with advertisers or third-party data brokers. You can export or delete everything at any time.

1. Who we are

DataHub Pro is a SaaS analytics product operated by DataHub Pro Ltd ("we", "us"), registered in England & Wales. Our registered contact for privacy matters is hello@datahubpro.co.uk.

2. What we collect

Account data

Your name, email address, and a hashed password (we never store passwords in plain text).
Organisation name and any team members you invite.
Billing details — handled by our payments provider (Stripe). We never see or store full card numbers.

Files and analyses

Spreadsheets you upload, dashboards you build, and reports you generate.
Metadata about how you use the product (which tools you open, when, error logs) — used to improve reliability.

Technical data

IP address, browser type, device type, and timestamps for security and abuse-prevention purposes.
A small number of strictly-necessary cookies (see our Cookie Policy).

3. Why we collect it

We process your data on the following lawful bases under UK GDPR:

Contract — to deliver the service you signed up for (host your files, run analyses, send the reports you request).
Legitimate interest — to keep the service secure, prevent abuse, and improve reliability through anonymous diagnostics.
Legal obligation — to keep accounting records and respond to lawful requests from authorities.
Consent — for any marketing communications (you can unsubscribe at any time).

4. Where it lives

All customer data is stored on infrastructure located in the United Kingdom and the European Economic Area, provided by reputable cloud vendors (Cloudflare, Railway, AWS in the UK/EU regions). We do not transfer customer data outside the UK/EEA except where required to deliver core functionality (e.g., AI inference via Anthropic's UK/EU endpoints), and where we do, we rely on appropriate safeguards including the UK International Data Transfer Addendum and EU Standard Contractual Clauses.

5. AI and your data

Your data is never used to train AI models. When you use AI features (Ask Your Data, Auto Report, AI Insights, etc.), the relevant rows are sent to our AI provider, processed in real time, and then discarded. The provider has contractually agreed not to retain or train on the content.

6. How long we keep it

Files and analyses — kept while your account is active. Deleted within 30 days of account closure (sooner on request).
Account records — kept for the duration of the contract plus 7 years for accounting purposes (UK statutory requirement).
Diagnostic logs — anonymised after 30 days, fully deleted after 90 days.

7. Who we share it with

We share data only with the sub-processors required to deliver the service. Current sub-processors include Cloudflare (CDN, DNS), Railway (compute), Stripe (payments), Anthropic (AI inference), and Resend (transactional email). A current list with locations is available on request.

We do not sell your data, share it with advertisers, or use it for any purpose other than running the service you signed up for.

8. Your rights

Under UK and EU GDPR you have the right to:

Request a copy of your data (data portability).
Correct inaccurate data.
Delete your data ("right to erasure").
Object to or restrict processing.
Withdraw consent at any time, where consent is the lawful basis.
Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your local supervisory authority.

Most of these can be exercised directly inside the product (Settings → Data & Privacy). For anything else, email hello@datahubpro.co.uk and we'll respond within 30 days.

9. Security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Production access is limited to a small number of engineers and audited. We run regular dependency scans and security reviews. If you discover a vulnerability, please email hello@datahubpro.co.uk with subject "Security".

10. Changes to this policy

We may update this policy from time to time. Material changes will be flagged in-product and via email at least 14 days before they take effect. The "last updated" date at the top of this page always reflects the current version.

11. Contact

Questions, complaints, or data requests: hello@datahubpro.co.uk.