Legal

Privacy Policy

Last updated: February 2026

1. Introduction

Jayprop Prime Ltd ("we", "us", "our") operates DunningBot (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your personal data and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller:
Jayprop Prime Ltd
Registered in England and Wales
Contact: privacy@dunningbot.com

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, business name, and contact details when you create an account or join our waitlist.
  • Payment Information: Billing details processed securely by our payment provider (we do not store full card details).
  • Communications: Messages you send us via email, Telegram, or other channels.

2.2 Information from Third-Party Services

  • Accounting Software Data: When you connect Xero or QuickBooks, we access invoice data, contact information, and payment status. We request read-only access and do not access bank account details.
  • Telegram Data: Your Telegram user ID and chat history with DunningDoug for service delivery.

2.3 Automatically Collected Information

  • Usage Data: How you interact with our Service, features used, and actions taken.
  • Device Information: Browser type, operating system, and device identifiers.
  • Log Data: IP addresses, access times, and pages viewed.

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our Service, including generating payment reminders and tracking invoices.
  • Communication: To send you service-related notifications, respond to inquiries, and provide customer support.
  • Analytics: To understand how our Service is used and improve user experience.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Security: To detect, prevent, and address technical issues, fraud, or security concerns.

4. Legal Basis for Processing (UK GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our Service to you.
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our Service and preventing fraud.
  • Consent: Where you have given explicit consent for specific processing activities.
  • Legal Obligation: Processing necessary for compliance with legal requirements.

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party companies that help us operate our Service (e.g., cloud hosting, payment processing, email delivery). These providers are contractually bound to protect your data.
  • AI Providers: We use AI services (OpenAI, Anthropic) to generate payment reminders. Invoice data is processed by these services subject to their privacy policies and our data processing agreements.
  • Legal Requirements: We may disclose information if required by law, court order, or government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell your personal data to third parties.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit (TLS) and at rest (AES-256)
  • Secure authentication and access controls
  • Regular security assessments and monitoring
  • Employee training on data protection

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Active account data: For the duration of your account plus 2 years
  • Invoice and payment reminder data: 7 years (for legal and accounting purposes)
  • Waitlist data: Until you request removal or 2 years, whichever is sooner
  • Analytics data: Aggregated and anonymised after 26 months

8. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data ("right to be forgotten").
  • Restriction: Request restriction of processing in certain circumstances.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time.

To exercise these rights, contact us at privacy@dunningbot.com. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. International Transfers

Your data may be transferred to and processed in countries outside the UK, including the United States (where some of our service providers are located). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK government.

10. Cookies and Tracking

We do not currently use any analytics tracking or cookies. Our website may use essential cookies for functionality (e.g., session management) in the future.

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Jayprop Prime Ltd
Email: privacy@dunningbot.com