Privacy Policy

Last updated: 2026-03-19

This Privacy Policy explains how BroadcastConnect (we, us, our) collects, uses, and shares personal data when you use our website, API, and mobile applications (together, the Services). It is designed to meet UK GDPR and EU GDPR transparency requirements and to support applicable US state privacy laws.

1. Who we are

Controller: Broadcast Service Partners LTD, legally based in England and Wales, United Kingdom.

Contact email: contact@broadcastservicepartners.com

2. Scope

This notice applies to personal data processed through:

• our public website pages;
• account creation, login, and license/device management services;
• mobile applications connected to the same account system.

3. Categories of data we collect

Account and identity data

• username, email address, encrypted/hashed password data;
• terms acceptance records (date/time and version accepted).

License and device data

• license numbers, license status, expiry dates, and pairing records;
• device IDs, device model/name, app version, and connection status.

Payment and transaction data

• payment status and transaction references required to validate purchases and issue/maintain licenses;
• payments are processed by third-party providers (for example, Paddle), not directly by us.

Technical and usage data

• service logs, error logs, security events, timestamps, and IP-related metadata used for fraud prevention and troubleshooting;
• strictly necessary token/session data stored on your device (see section 10).

Diagnostics data (mobile apps)

We use Google Firebase Crashlytics for crash and reliability diagnostics. It may process crash stack traces, app/device diagnostics, and technical identifiers needed to group and analyze crashes.

4. Sources of personal data

• directly from you (registration, login, purchases, support communications);
• automatically from your device/app/browser when using the Services;
• from payment processors when they confirm transaction outcomes.

5. Why we process data and legal bases (UK/EU)

• Provide the Services and your account (contract necessity; Art. 6(1)(b) UK/EU GDPR).
• Operate licensing and device pairing (contract necessity; Art. 6(1)(b)).
• Process billing/payment confirmations (contract necessity; Art. 6(1)(b)).
• Secure and protect the Services, prevent abuse, maintain logs (legitimate interests; Art. 6(1)(f)).
• Maintain diagnostics and reliability (legitimate interests; Art. 6(1)(f), and consent where required by law).
• Meet legal obligations (Art. 6(1)(c)).

6. Sharing of personal data

We share personal data only where necessary with service providers and partners acting as processors or independent controllers, depending on context, including:

• Hosting/infrastructure providers (for example, Render.com);
• payment processors (for example, Paddle);
• diagnostics providers (Google Firebase Crashlytics).

We may also disclose data if required by law, lawful requests by public authorities, or to protect legal rights and security.

7. International transfers

Your data may be processed in countries outside the UK/EEA. Where required, we implement appropriate safeguards, such as adequacy mechanisms and/or Standard Contractual Clauses (SCCs), plus supplementary security measures where appropriate.

8. Retention

We retain personal data only as long as necessary for the purposes described in this notice, including contractual, operational, security, accounting, and legal requirements. Typical retention periods depend on data type (for example: account records while account is active and for a limited post-closure period; logs/diagnostics for security and reliability windows).

9. Your privacy rights

UK/EU/EEA rights

Subject to legal limits, you may have rights to access, rectification, erasure, restriction, objection, portability, and to withdraw consent where processing is consent-based.

US state privacy rights

Where applicable (for example California and other state laws), you may have rights to know, access, delete, correct, and obtain a portable copy of personal information, and to non-discrimination for exercising rights. We do not sell personal information in the ordinary meaning of "sell" under these laws.

To exercise rights, contact us at contact@broadcastservicepartners.com. We may need to verify your identity before completing a request.

10. Cookies, localStorage, and similar technologies

We use strictly necessary technologies to keep you signed in and secure sessions (for example authentication tokens in localStorage). These are required to provide requested Services. We do not use these strictly necessary technologies for advertising profiling.

11. Security

We apply appropriate technical and organizational safeguards to reduce risks of unauthorized access, loss, misuse, or alteration. No system is completely secure, so we cannot guarantee absolute security.

12. Children

Our Services are not directed to individuals under at least 18 years old (or the age of majority in your country), and we do not knowingly collect personal data from anyone below that age in violation of applicable law.

13. Complaints and supervisory authorities

If you are in the UK, you may complain to the Information Commissioner's Office (ICO): https://ico.org.uk.

If you are in the EEA, you may complain to your local supervisory authority: EDPB Members.

14. EU representative (if required)

If Article 27 EU GDPR requires us to appoint an EU representative, we will publish that representative's details here.

15. Changes to this Privacy Policy

We may update this policy from time to time. Material changes will be notified where legally required. The "Last updated" date shows the latest revision.

16. Contact

• Email: contact@broadcastservicepartners.com
• Company: Broadcast Service Partners LTD
  21 Great Ley
  Welwyn Garden City
  England AL7 4TJ