Privacy Policy
Last updated: 16/06/2026
2.1 Data Controller
BOBSTA is operated by a UK partnership. Contact: privacy@bobsta.co.uk
We act as Data Controller for website enquiries and marketing data, and as Data Processor for customer data within the SaaS platform.
2.2 Personal Data We Collect
We may collect account and contact data such as name, email address, telephone number, and organisation details.
We may collect usage data including login activity, system usage logs, and feature interaction data.
We process customer data such as seminar bookings, delegate information, and transactional records.
We also collect technical data including IP address, browser type, device identifiers, cookies, and tracking data.
2.3 Lawful Basis for Processing
We process personal data under contractual necessity, legitimate interests, legal obligations, and consent where required.
2.4 How We Use Data
We use personal data to provide and maintain the Service, process bookings, deliver communications, provide support, and improve platform performance and security.
2.5 Data Sharing & Processors
We may share data with trusted third parties including hosting providers, payment processors, email providers, and analytics services.
All processors must act under written instructions, maintain security measures, and comply with UK GDPR requirements.
2.6 International Transfers
Where data is transferred outside the UK, we ensure appropriate safeguards such as UK adequacy regulations or Standard Contractual Clauses (SCCs).
2.7 Data Retention
We retain data only as long as necessary for service provision, legal obligations, dispute resolution, and account history.
Upon termination, data may be deleted or anonymised after a reasonable retention period.
2.8 Data Security
We implement technical and organisational measures including access controls, TLS encryption, secure hosting environments, and regular security updates. No system is entirely secure.
2.9 Data Subject Rights
You have rights under UK GDPR including access, rectification, erasure, restriction, portability, and objection. Requests can be made to privacy@bobsta.co.uk.
2.10 Cookies
We use cookies to maintain authentication sessions, improve user experience, and analyse usage where enabled. Cookies can be managed via browser settings.
2.11 Data Breach Notification
Where legally required, we will notify affected users and/or regulators of personal data breaches without undue delay.
2.12 Children’s Data
The Service is not intended for children under 16 and we do not knowingly collect their data.
2.13 Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or email.