padlock security

Privacy Policy Notice

The policy: This Privacy Policy Notice is served by Castline Systems, Friday Street, Rusper, West Sussex, RH12 4QA, England and applies to the website https://secure.castlinesystems.co.uk and related online services. The purpose of this policy is to explain how we collect, control, process, handle and protect personal information when you browse our website, use our online services, or interact with our software.

If you do not agree with this policy, you should cease using our website, software, and online services and refrain from submitting personal data to us.

Policy key definitions

  • "I", "our", "us", or "we" refer to Castline Systems.
  • "You" or "the user" refers to the individual using our website, software or services.
  • GDPR means the UK General Data Protection Regulation.
  • PECR means the Privacy and Electronic Communications Regulations.
  • ICO means the Information Commissioner's Office.
  • Cookies mean small text files stored on a user’s device.

Key principles of GDPR

This Privacy Policy is based on the following principles: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality; and accountability.

Processing of your personal data

Castline Systems is registered with the ICO under registration number Z6540873.

We process personal data electronically under the following lawful bases:

  • Lawful basis: Consent
    Purpose: Marketing communications and newsletters.
    Processing: Email addresses submitted via our website are stored for the purpose of sending marketing communications. Email verification may be required.
    Retention: Until consent is withdrawn or becomes invalid.
    Sharing: Email delivery is handled via a third-party email service provider acting as a data processor.
  • Lawful basis: Contract
    Purpose: Provision of software licences, customer accounts, technical support and billing.
    Processing: Company and contact details (such as name, address, email address and telephone number) are stored securely and accessed when required to fulfil contractual obligations.
    Retention: For the duration of the licence or subscription and for a reasonable period thereafter in accordance with legal and accounting requirements.
    Sharing: Payment processing is handled by PCI DSS-compliant providers. Castline Systems does not store card details.
  • Lawful basis: Legitimate interests
    Purpose: Maintaining accurate customer records and preferences.
    Processing: Information submitted via the Customer Area, email or telephone is used to keep records up to date and support secure customer access and service administration.
    Retention: For as long as the customer relationship remains active or until data is no longer required.
    Sharing: We do not sell or disclose personal data to third parties.
  • Lawful basis: Legitimate interests
    Purpose: Essential service communications.
    Processing: Customer contact details are used to issue important notices such as security updates, regulatory changes, service notices, or major software developments.
    Retention: While the customer relationship remains active.
    Sharing: We do not sell personal data to third parties.

If the lawful basis for processing personal data changes, we will update this policy and notify affected users where required.

Anonymous software data and online services

Certain features of our software require internet connectivity, including licence activation, online updates, and optional transmission of anonymised technical or usage data.

This anonymised data does not include personal data or project-identifiable information and is used solely to improve software functionality, performance, reliability, and future development.

Your individual rights

Under UK GDPR, you have the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • The right not to be subject to automated decision-making or profiling

You may lodge a complaint with the ICO at www.ico.org.uk if you believe your data has been handled improperly.

Internet cookies

We use cookies to improve website functionality, manage sessions, and analyse usage. Some cookies are essential for the operation of the website.

  • Session cookies
  • Analytics cookies (e.g. Google Analytics)
  • User preference cookies

You can manage or disable cookies through your browser settings.

Data security and protection

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse. Access to personal data is restricted to authorised personnel only.

Email marketing

Marketing communications are sent only to users who have provided consent. Messages may include tracking features such as open and click statistics to measure campaign effectiveness.

You may unsubscribe or update your preferences at any time using the links provided in marketing emails.

Contact details

For any questions regarding this Privacy Policy or to exercise your data protection rights, please contact:

Email: support@castlinesystems.co.uk
Address: Castline Systems, Friday Street, Rusper, West Sussex, RH12 4QA, England