Privacy Policy
We take your privacy seriously. This policy explains how ClearMyCase collects, uses, and protects your personal data in compliance with UK GDPR.
1. Who we are
ClearMyCase is operated by NoonTechStudio Ltd, a company registered in England and Wales.
NoonTechStudio Ltd acts as the data controller for personal data processed through the ClearMyCase platform. For all data-related enquiries, contact us at privacy@clearmycase.co.uk.
2. What data we collect
Councillor account data
Name, email address, ward and council details, and your password (stored as a one-way hash — we never store your password in plain text).
Resident data
Name, email address, postal address, complaint details, and any photos uploaded. This data is collected via the resident portal on behalf of the councillor.
Usage data
Login times, case actions taken within the platform, and IP addresses. This data is collected for security monitoring and audit purposes.
Payment data
Payments are processed by Stripe. We never store card details on our servers. Stripe's own privacy policy governs the handling of payment data.
3. How we use your data
- ✓To provide and operate the ClearMyCase platform
- ✓To send case notifications and status updates to councillors and residents
- ✓To comply with our legal obligations
We do NOT sell your data to third parties. Ever.
4. Legal basis for processing (UK GDPR)
We process personal data under the following legal bases:
- 1Legitimate interests — providing and improving the ClearMyCase service
- 2Contract performance — fulfilling the subscription agreement with you
- 3Legal obligation — compliance with applicable law
- 4Consent — where data is collected from residents via the portal, consent is obtained at the point of submission
5. Data storage and security
- —All data is stored on UK-based servers (AWS eu-west-2, London region)
- —Data is encrypted at rest and in transit (TLS 1.3 minimum)
- —We conduct regular security audits and penetration tests
- —Staff access to data is controlled by role-based permissions — only those who need access have it
6. Data retention
Active accounts
Data is retained for the lifetime of the account
Cancelled accounts
Data deleted within 30 days of cancellation, or exported on request
Resident complaint data
Retained as long as the councillor's account is active
7. Your rights (UK GDPR)
Under UK GDPR you have the following rights over your personal data:
- ✓Right to access — Request a copy of the personal data we hold about you (Subject Access Request)
- ✓Right to rectification — Ask us to correct inaccurate or incomplete data
- ✓Right to erasure — Request that we delete your personal data (right to be forgotten)
- ✓Right to data portability — Receive your data in a structured, machine-readable format
- ✓Right to object — Object to processing based on legitimate interests
To exercise any of these rights, email us at privacy@clearmycase.co.uk. We will respond within 30 days.
9. Third-party processors
We use a small number of trusted third-party processors. All processors are bound by appropriate data processing agreements.
AWS
Cloud hosting
UK region (eu-west-2, London)
Stripe
Payment processing
PCI DSS Level 1 compliant
Postmark
Transactional email
Case notifications and account emails
10. Changes to this policy
We may update this Privacy Policy from time to time. Where changes are material, we will notify councillors by email at least 14 days before the changes take effect. Continued use of the platform after that date constitutes acceptance of the updated policy.
11. Contact us
For any questions about this Privacy Policy, or to exercise your data rights: