/ Legal

SiteDesk Privacy Policy

Last updated: 20 June 2026

This notice explains how Beagle Direct Ltd handles personal data in connection with SiteDesk. It covers the data we hold to run your firm's subscription and to operate the service.

This page is provided for information and we will keep it current, dating each change at the top. It is not legal advice. Some items below are sensible defaults still to be confirmed, and are flagged where they appear.

1 Who we are and the two roles

SiteDesk is provided by Beagle Direct Ltd, a private company limited by shares registered in England and Wales, company number 17290514, registered office 124-128 City Road, London, England, EC1V 2NX. We are the data controller for the data this notice covers.

There are two roles, and they apply to two different sets of data:

For the account and billing data we hold to run your firm's subscription, we are the controller. That is what this notice is about.
For the business and customer data your firm puts into the service, your firm is the controller and we are the processor acting on your firm's instructions. That data is handled under your firm's own privacy notice and our Data Processing Addendum, not this one.

2 What this notice covers

This notice covers the controller side: the personal data of the people who set up and run a firm's SiteDesk account, and of those who join the waitlist or early-access programme.

It does not cover the personal data of a firm's own customers that the firm puts into the service. If you are a customer of a firm that uses SiteDesk and you have a question about your information, please contact that firm. They are the controller of it.

3 Personal data we collect

On the controller side we may collect:

your name and job title;
your work email and phone number;
your firm's name and details;
your login and account credentials;
billing and payment details;
your correspondence with our support team; and
usage and technical data, including your IP address and log data, generated when you use the service.

4 Where we get it

We get most of this directly from you, when you join the waitlist, set up an account, use the service, or contact us. Some technical and usage data is generated automatically as you use the service.

5 Purposes and lawful bases

We use the data above for the purposes set out here, each with its lawful basis under UK GDPR:

Purpose	Lawful basis
To set up your account and provide the service to your firm	Performance of a contract
To take payment and keep billing records	Performance of a contract; legal obligation for tax records
To keep tax and accounting records	Legal obligation
To improve and secure the service	Legitimate interests: running, improving and protecting a service our customers rely on
To respond to your support requests	Performance of a contract; legitimate interests in helping our customers
To send marketing about SiteDesk	Consent, or the soft opt-in for existing customers, with an easy way to opt out at any time

Where we rely on legitimate interests, we have weighed our interest against your rights, and you can ask us about that assessment.

6 Waitlist and early access

If you join the waitlist or early-access programme, we hold the details you give us (your name, your firm, your contact details and a note about your trade) so we can get in touch when a place is available. Joining the waitlist costs nothing and commits you to nothing. We rely on your consent to hold and use these details for this purpose, and you can ask us to remove you at any time.

7 Recipients and sub-processors

We use the following categories of provider to help us run the service, and we share personal data with them only as needed for that purpose:

Hosting and infrastructure: Cloudflare.
Payment processing: a payment provider, to be confirmed by us.
Transactional email: an email-delivery provider, to be confirmed.
Analytics: an analytics provider, to be confirmed.
Artificial intelligence: an AI provider used to prepare output, to be confirmed.

We will name each provider here once it is set, and we require every one to protect personal data and to process it only on our instructions.

8 International transfers

Some of our providers may process data outside the United Kingdom. Where they do, we put a lawful safeguard in place: an International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or reliance on UK adequacy where the destination has it. The actual list of transfers depends on the final providers and is to be confirmed alongside the recipient list in section 7.

9 How long we keep it

We keep account data for the life of your firm's subscription and for a short period afterwards, then delete it from our live systems. We keep billing and tax records for six years, as UK tax law requires. These periods are stated as defaults and are to be confirmed.

10 Security

We use appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit, and keeping each firm's data separated on our platform. No system is completely secure, but we take steps proportionate to the data we hold.

11 Your rights

Under UK GDPR you have the right to:

ask for a copy of the personal data we hold about you (access);
have inaccurate data corrected (rectification);
have data erased in certain cases (erasure);
ask us to restrict how we use your data (restriction);
object to processing we base on legitimate interests, and to marketing (objection);
receive certain data in a portable form (portability);
rights in relation to automated decisions (see section 12); and
withdraw consent at any time, where we rely on consent.

To exercise any of these, contact us using the details in section 16.

12 Automated decision-making

SiteDesk generates output automatically, but a person at your firm approves every output before it is used. Because a person reviews and decides, we do not make decisions about you that are based solely on automated processing and that produce legal or similarly significant effects on you.

13 Complaining to the ICO

If you are unhappy with how we handle your personal data, please come to us first so we can try to put it right. You also have the right to complain to the Information Commissioner's Office, the UK's data protection regulator: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; helpline 0303 123 1113; ico.org.uk.

14 Cookies and analytics

We use cookies that are strictly necessary to run the site and the service. For non-essential cookies, including analytics cookies, we ask for your consent first, and we do not use pre-ticked boxes. You can change your choice at any time. The exact list of cookies is to be confirmed once the analytics stack is set, and this notice will be updated to show it.

15 Changes to this notice

We may update this notice from time to time. The "last updated" date at the top shows the current version, and we will tell you about any significant change.

16 Contact and data protection

For any privacy question, or to exercise your rights, contact us at privacy@beagle.direct, or write to Beagle Direct Ltd at the registered office above.

Beagle Direct Ltd has appointed a Data Protection Officer, Joel Smalley. You can contact the Data Protection Officer at privacy@beagle.direct.

A note on this notice. This page is provided for information and we will keep it current. Items flagged above are defaults still to be confirmed, and a solicitor should review this notice and the recipient list before it is relied on.