Privacy Policy

Last updated: 1 July 2026

This Privacy Policy explains how Benns Software Ltd ("Mock Chats", "we", "us" or "our") collects, uses and shares personal data when you use the Mock Chats website and services (the "Service"), and the rights you have. It should be read alongside our Terms of Service.

1. Who we are (data controller)

Benns Software Ltd, a company registered in England and Wales (company number 15751857), is the controller of your personal data. For any privacy question, or to exercise your rights, contact us at [email protected].

2. The personal data we collect

Information you provide

  • Account details — your email address (used for magic-link sign-in) and the first and last name you provide during onboarding.
  • Content you create — the chat conversations, names, avatars and images you upload or generate, and the Exports you produce. Please do not include other people's personal data or private messages in your Content unless you have the right to do so.
  • Communications — messages you send us for support or enquiries.

Information we collect automatically

  • Usage and device data — log data, IP address, browser and device type, and the pages and actions you take in the Service, collected through our product-analytics provider.
  • Cookies and similar technologies — used to keep you signed in and to understand and improve how the Service is used. See "Cookies and analytics" below.

Information from our payment processor

  • When you subscribe, payment is handled by our third-party payment processor. We do not receive or store your full card details. We store limited billing-related identifiers (such as customer and subscription IDs and your subscription status) so we can manage your plan.

3. How we use your personal data, and our legal bases

We use your personal data for the purposes below. Under the UK GDPR we rely on the legal basis shown for each.

  • To provide the Service — create and secure your account, store your Content, generate Exports, and deliver core features. Legal basis: performance of a contract with you.
  • To take payment and manage subscriptions — process payments through our payment processor and manage plans, Credits and renewals. Legal basis: performance of a contract; compliance with legal obligations such as tax and accounting.
  • To communicate with you — send service and transactional emails (such as sign-in links and billing notices) and respond to your enquiries. Legal basis: performance of a contract; our legitimate interest in responding to you.
  • To improve and secure the Service — product analytics, troubleshooting, and preventing fraud and abuse. Legal basis: our legitimate interests in operating, improving and securing the Service; compliance with legal obligations.
  • For marketing, where applicable — only where you have opted in or where otherwise permitted by law, and you can opt out at any time. Legal basis: consent, or our legitimate interests.

4. Cookies and analytics

We use a small number of cookies and similar technologies: strictly necessary cookies that sign you in and keep the Service working, and analytics cookies (set by our product-analytics provider) that help us understand usage so we can improve the product. You can control cookies through your browser settings; blocking strictly necessary cookies may stop parts of the Service from working.

5. Who we share your personal data with

We do not sell your personal data. We share it only with the service providers ("processors") that help us run the Service, and only as needed. These include providers of:

  • Payment processing — to take payment and manage your subscription.
  • Cloud hosting and storage — to run the Service and store your Content (hosted in the United Kingdom).
  • Email delivery — to send transactional email such as sign-in links and billing notices.
  • Product analytics — to understand and improve how the Service is used.

Each of these providers may use your personal data only to provide services to us, under appropriate contractual safeguards. We may also disclose personal data where required by law, to enforce our Terms, or to protect our rights, our users or the public; and in connection with a merger, acquisition or sale of assets, in which case we will take steps to ensure your data remains protected.

6. International transfers

Our hosting and stored Content are located in the United Kingdom. Some of our service providers may process personal data outside the UK. Where personal data is transferred outside the UK, we rely on appropriate safeguards — such as the UK's International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, or transfers to countries the UK has deemed adequate.

7. How long we keep your personal data

We keep personal data for as long as your account is active and as needed to provide the Service. After you close your account, we delete or anonymise your personal data within a reasonable period, except where we must keep certain records to meet legal, tax, accounting or dispute-resolution obligations.

8. How we protect your personal data

We use technical and organisational measures to protect personal data, including encryption in transit, access controls, and time-limited signed URLs for file access. No method of transmission or storage is completely secure, but we work to protect your information and to address risks appropriately.

9. Your rights

Under the UK GDPR you have the right to: access your personal data; have it corrected; have it erased; restrict or object to its processing; data portability; and, where we rely on consent, to withdraw that consent at any time. To exercise any of these rights, email [email protected]. We will respond within the time required by law.

You also have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority, at ico.org.uk — though we would appreciate the chance to resolve your concern first.

10. Children

The Service is not intended for, and may not be used by, anyone under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

11. Third-party links

The Service may link to third-party websites or platforms we do not control. This Policy does not apply to them, and we encourage you to read their privacy policies.

12. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will take reasonable steps to notify you and will update the "Last updated" date above.

13. Contact us

Benns Software Ltd — [email protected].