← Back to Home

Privacy Policy

Last updated: November 2025

1. Introduction

SmartCheck ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at smartcheck.dev and our business plan generation service (the "Service").

We are based in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your email address and password (encrypted).
  • Business Ideas: The business ideas and descriptions you submit for plan generation.
  • Payment Information: When you purchase tokens, payment is processed by Stripe. We do not store your full credit card details.

2.2 Information Collected Automatically

  • Usage Data: Information about how you use the Service, including pages visited and features used.
  • Device Information: Browser type, operating system, and device identifiers.
  • Log Data: IP address, access times, and referring URLs.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your transactions and manage your account
  • Generate AI-powered business plans based on your submissions
  • Send you service-related communications
  • Respond to your inquiries and provide customer support
  • Monitor and analyse usage patterns to improve user experience
  • Detect and prevent fraud or abuse

4. Legal Basis for Processing (UK GDPR)

We process your personal data on the following legal bases:

  • Contract: Processing necessary to perform our contract with you (providing the Service)
  • Legitimate Interests: Processing for our legitimate business interests, such as improving the Service and preventing fraud
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal Obligation: Processing necessary to comply with legal requirements

5. Third-Party Services

We use the following third-party services to operate our platform:

  • Supabase: Authentication and user management
  • Stripe: Payment processing (see Stripe's Privacy Policy)
  • AI Service Providers: To generate business plans (your business ideas are processed by AI models)
  • Vercel: Website hosting

These services have their own privacy policies and may collect data independently.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. We may retain certain information for longer periods as required by law or for legitimate business purposes.

  • Account Data: Retained until you delete your account
  • Generated Business Plans: Retained until you delete them or your account
  • Transaction Records: Retained for 7 years for tax and legal compliance

7. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request restriction of processing
  • Portability: Request transfer of your data in a portable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at support@smartcheck.dev.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing
  • Access controls and authentication
  • Regular security assessments

9. Cookies

We use essential cookies to enable core functionality such as authentication and session management. These cookies are necessary for the Service to function and cannot be disabled.

10. International Data Transfers

Some of our third-party service providers may be located outside the UK. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

11. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@smartcheck.dev

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.