Skip to content
Pre-releaseHovermark is in active development. Try the preview atappdev.hovermark.co.uk
Hovermark

Legal

Privacy notice

Last updated 1 April 2026

This privacy notice explains how Hovermark Ltd ("we", "us") handles personal data when you use our website at hovermark.com or the Hovermark platform.

Who we are

Hovermark Ltd is a company registered in England and Wales. Our registered office, data protection contact, and ICO registration number are listed at the bottom of this page.

For data processed inside the platform on behalf of customers, we act as the data processor and you (our customer) are the data controller. Our customers' end-users should refer to their employer's privacy notice in the first instance.

For data we collect through our website, recruitment, sales, and support functions, we act as a data controller.

What we collect — website visitors

  • Cookies and analytics. We use Plausible, a cookie-free, privacy-respecting analytics service. We do not set advertising cookies and we do not share visitor data with third-party advertisers.
  • Contact form submissions. Name, work email, company, employee count, and the message you send us. Used solely to respond to your enquiry.
  • Server logs. IP address, request URL, user agent — retained 30 days for security and abuse prevention.

What we collect — customers and prospects

  • Account data. Names, work emails, job titles of users administering the platform.
  • Billing data. Company name, billing address, VAT number, payment method tokens (we never see card numbers; Stripe handles those).
  • Communications. Email correspondence, support tickets, demo recordings if you consented.

Lawful basis

  • Contract — for everything we do to deliver the service to a paying customer.
  • Legitimate interest — for sales follow-up, product improvement analytics, and security monitoring. You can object at any time.
  • Consent — for any marketing emails to non-customers. Always opt-in, always one-click unsubscribe.
  • Legal obligation — for tax records and statutory retention.

Where we process data

Inside the platform, customer data is processed in Microsoft Azure West Europe (Netherlands). We never replicate primary customer data outside the European Economic Area without your written consent.

For our own corporate use of CRM, helpdesk, and email tools, data may transit through EU and US data centres operated by sub-processors listed in our DPA at /legal/dpa. Where transfers leave the UK, we rely on UK International Data Transfer Agreements.

Sharing

We do not sell personal data. We share it with sub-processors strictly to deliver the service (e.g. Stripe for billing, SendGrid for transactional email). The full, versioned list is at /legal/dpa.

We will share data with law enforcement only on lawful, written request, and we will notify the affected customer unless legally prohibited.

Retention

  • Website contact form submissions: 24 months after last interaction.
  • Customer account data: lifetime of the contract plus 30 days.
  • Audit logs: 13 months on Professional, 7 years on Enterprise.
  • Backups: 30 days, then permanent deletion.

Your rights

Under UK GDPR you have the right to access, correct, port, restrict, object to, or erase your personal data. To exercise any of these, email us at the address below. We respond within one calendar month.

You can complain to the Information Commissioner's Office (ICO) if you're not happy with how we've handled a request.

Contact us

  • Data protection contact: privacy@hovermark.com
  • Postal: Hovermark Ltd, registered office address, United Kingdom
  • ICO registration: ZA000000

This notice was last updated on 1 April 2026.

This document is a launch placeholder. Final wording will be reviewed by our DPO and external counsel before general availability.