Privacy Policy
How we handle your data — in plain English
The short version
- We collect only what we need to provide our services
- We never sell your personal data
- Your data stays in the UK
- You can request deletion at any time
Who we are
Vepler Ltd is a UK property data infrastructure company. We provide APIs and data services to businesses in the property sector. This policy explains how we handle personal data when you use our website, APIs, or contact us.
Data Controller: Vepler Ltd
Contact: hello@vepler.com
What we collect
We collect different types of information depending on how you interact with us:
Website visitors
- • Basic analytics (pages viewed, time on site)
- • Device and browser information
- • IP address (anonymised)
When you contact us
- • Name and email address
- • Company name (if provided)
- • Message content
API customers
- • Account details (name, email, company)
- • Billing information
- • API usage logs (endpoints called, timestamps)
- • Technical data (API keys, IP addresses)
We do not collect special category data (health, religion, ethnicity, etc.) and have no interest in doing so.
How we use your data
| Purpose | Legal basis |
|---|---|
| Providing our API services | Contract performance |
| Responding to enquiries | Legitimate interest |
| Sending service updates | Contract performance |
| Improving our services | Legitimate interest |
| Processing payments | Contract performance |
| Legal compliance | Legal obligation |
Who we share data with
We do not sell personal data. We share data only with:
- Payment processors — to handle billing securely
- Infrastructure providers — UK-based hosting for our services
- Professional advisers — accountants, lawyers (when required)
- Regulatory bodies — if legally required
All third parties are bound by data protection agreements and can only process data for specified purposes.
Where we store data
All data is stored on servers located in the United Kingdom. We do not transfer personal data outside the UK unless required by a specific service and only with appropriate safeguards (such as Standard Contractual Clauses) in place.
How long we keep data
| Data type | Retention period |
|---|---|
| Website analytics | 26 months |
| Contact form submissions | 2 years |
| Customer account data | Duration of contract + 6 years |
| API usage logs | 12 months |
| Billing records | 7 years (legal requirement) |
Your rights
Under UK GDPR, you have the following rights:
Access
Request a copy of your personal data
Rectification
Correct inaccurate or incomplete data
Erasure
Request deletion of your data
Portability
Receive your data in a portable format
Restrict processing
Limit how we use your data
Object
Object to certain processing activities
To exercise any of these rights, email hello@vepler.com. We'll respond within 30 days.
Cookies
We use a minimal set of cookies:
| Type | Purpose | Duration |
|---|---|---|
| Essential | Site functionality | Session |
| Analytics | Understanding usage patterns | 26 months |
You can control cookies through your browser settings. Disabling essential cookies may affect site functionality.
Security
We take data security seriously. Our measures include encryption in transit and at rest, access controls, regular security reviews, and Cyber Essentials certification. No system is 100% secure, but we work continuously to protect your data.
Changes to this policy
We may update this policy from time to time. Significant changes will be communicated to customers directly. The "last updated" date at the top of this page indicates when the policy was last revised.
Questions?
If you have questions about this policy or how we handle your data, contact us at hello@vepler.com.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.
Questions about our data practices?