Privacy Policy
Last updated: 2026-01-08
Who We Are
This Service is provided by NEXT GEN UNLEASHED LIMITED ("we", "us", "our"). For UK data
protection purposes, we are the data controller for personal data we process about people who
use this Service (for example, staff user accounts).
- Company name: NEXT GEN UNLEASHED LIMITED
- Company number: 14366349
- Registered office: 69 High Street, Chelmsford, England, CM1 1DH
If you have questions or requests about this Privacy Policy or your personal data, you can contact us by post at
the registered office address above or using the support/contact details made available within the Service.
Scope
This Privacy Policy applies to our website and the mobile application.
Information We Collect
- Account and access data: staff/user names, login identifiers, authentication/session data (including cookies), user role/type, and basic account metadata.
- Store and operational data: store details, staff details, bookings, repairs, inventory, rota information, invoices, and reports you create or manage in the Service.
- Customer/end-customer data you input: customer contact details and related notes, where you choose to store them in the Service.
- Transaction and payment-related data: sales, refunds, and payment status information; payment processing is typically handled by external payment providers.
- Uploaded content: files you upload to the Service (for example, invoices, receipts, or other attachments, depending on the features you use).
- Technical data: IP address, device/browser details (such as user agent), and logs used for security, troubleshooting, and performance.
- Support communications: messages and any information you provide when contacting us for support.
How We Use Information
- Provide, operate, and maintain the Service.
- Authenticate users and protect against fraud/unauthorized access.
- Process and reconcile orders, payments, refunds, and related workflows.
- Provide customer support and respond to requests.
- Monitor, debug, and improve performance and reliability.
- Comply with legal obligations and enforce terms/policies.
Lawful Bases for Processing (UK GDPR)
We rely on one or more of the following lawful bases, depending on the situation:
- Contract: to provide the Service you request (for example, user authentication and core features).
- Legitimate interests: to secure, maintain, and improve the Service (for example, preventing fraud and investigating technical issues).
- Legal obligation: where we must retain certain records for legal, tax, or regulatory requirements.
- Consent: where required for specific optional processing (for example, non-essential cookies, if used).
Controller/Processor Roles
Where the Service is used by a business to store and manage its own customer data, that business is typically the
data controller for that customer data, and we act as a data processor on its
behalf. In those cases, requests about end-customer data (such as access or deletion) should usually be made to
the relevant business using the Service.
Sharing and Disclosure
We may share information in the following circumstances:
- Service providers: hosting and infrastructure providers used to operate the Service (for example, our hosting provider).
- Payment providers: when you use payment features, relevant data may be shared with payment processors (for example, Square or Viva Wallet) to complete transactions.
- Content delivery and libraries: some pages load third-party libraries from CDNs. Those providers may receive technical data such as IP address and user agent when your device fetches those assets.
- Legal and safety: to comply with law, respond to lawful requests, or protect rights, safety, and security.
- Business changes: in connection with a merger, acquisition, financing, reorganization, or sale of assets.
We do not sell personal data and we do not share personal data with third parties for their own direct marketing.
International Transfers
Some of our suppliers (including CDNs and payment providers) may process personal data outside the UK. Where
required, we use appropriate safeguards for such transfers, such as the UK International Data Transfer Agreement
(IDTA), the UK Addendum to EU Standard Contractual Clauses, or other lawful transfer mechanisms.
Cookies and Similar Technologies
The Service uses cookies and similar technologies to keep you signed in, remember preferences, and support core
functionality. You can control cookies through your browser settings, but disabling certain cookies may affect
how the Service works.
For example, we use an authentication cookie to help keep you logged in so you do not need to sign in
repeatedly.
Data Retention
We retain information for as long as needed to provide the Service, meet operational requirements, and comply
with legal obligations. Retention periods may vary depending on the type of data and how the Service is used.
For example, we may retain certain business and transaction records for longer periods where necessary for
accounting, tax, audit, and dispute resolution purposes.
Security
We use administrative, technical, and organizational measures designed to protect information. No method of
transmission or storage is completely secure, and we cannot guarantee absolute security.
Your Rights
Depending on your location, you may have rights to access, correct, delete, or restrict the use of certain
information. To make a request, contact us through the support channels provided in the Service.
- Request access to your personal data.
- Request correction of inaccurate or incomplete personal data.
- Request deletion of your personal data (where applicable).
- Request restriction of processing (where applicable).
- Object to processing based on legitimate interests (where applicable).
- Request portability of personal data you provided to us (where applicable).
- Withdraw consent at any time where we rely on consent (this does not affect processing already carried out).
You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's
Office (ICO): https://ico.org.uk/.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make changes, we will update the "Last updated" date
on this page.