Privacy Notice
Charlie Test 0 · Effective 28 May 2026
1. Who we are
This privacy notice tells you how Charlie Test 0 of 115 Lynwood Drive ("we", "us", "our") collects and uses your personal data when you use our website, book an appointment with us, or contact us.
We are the data controller for this personal data. You can contact us about anything in this notice by writing to charlie.pickard@hotmail.com.
2. What this notice covers
This notice covers:
- visits to our website at charlie-test-0.centraspot.com;
- bookings you make with us;
- the customer account you set up on our website (if any);
- messages we send you about your bookings (email, SMS, WhatsApp);
- payments you make to us through the website;
- communications you have with us by email, phone, or in person.
3. Personal data we collect
3.1 When you visit our website
Our website uses cookieless analytics, which means we do not set tracking cookies and we do not build a profile of you. We see aggregated counts of page views and where visitors came from.
Our website is hosted by Netlify on infrastructure provided by Centraspot. Standard web server logs (IP address, user agent, page requested, time, response code) are kept for a short period for security and operational diagnostics.
3.2 When you book an appointment
To make a booking, we ask you for: your name, email address, phone number, and information about your pet (name, breed, weight, coat type, any temperament or health notes you choose to share). We may also ask service-specific questions ("intake questions"). We use this information to provide the service you have booked and to keep your pet safe.
3.3 When you set up an account
If you choose to set up an account on our website (to manage your bookings, store pet profiles, or upload pet photos), we will also hold your login email and a hashed copy of your password (we cannot see your plain password). We hold a record of your bookings and any preferences you set.
3.4 When you pay us
Payments are processed by Stripe (Stripe Payments UK Limited and its group) via Stripe Connect Express. You enter your card details directly into Stripe; we do not see or store your full card number. We do hold the Stripe payment identifier and the last four digits of your card, for our own records and for reconciliation.
3.5 When we message you
We hold a record of the messages we have sent you about your bookings, what channel they were sent on (email, SMS, WhatsApp), and whether they were delivered. We hold your channel preferences (which channels you have opted in to and any STOP requests you have made).
3.6 When you contact us
If you contact us by email, phone, or in person, we hold a record of what was said so that we can follow up if needed.
4. Why we use your personal data (lawful bases)
Under the UK GDPR, we need a lawful basis to use your personal data. The bases we rely on are summarised here:
| What we use your data for | Lawful basis |
|---|---|
| Providing the services you book — including running the booking flow, holding your slot, recording your pet's profile, preparing for your appointment, and following up afterwards. | Performance of the contract between you and us (UK GDPR Article 6(1)(b)). |
| Taking payment for your booking. | Performance of the contract (Article 6(1)(b)). |
| Sending transactional messages about your booking (confirmations, reminders, cancellation notices, ready-for-collection, follow-up). | Performance of the contract (Article 6(1)(b)). |
| Sending SMS or WhatsApp messages where you have opted in to those channels. | Your consent (Article 6(1)(a)) — which you can withdraw at any time. |
| Responding to enquiries or complaints you make. | Performance of the contract or our legitimate interest in responding to you (Article 6(1)(b) or (f)). |
| Keeping records for tax, accounting, and regulatory purposes. | Compliance with a legal obligation (Article 6(1)(c)). |
| Security, fraud prevention, and abuse detection on the website. | Our legitimate interest in keeping the site secure (Article 6(1)(f)). |
| Bringing or defending legal claims, where needed. | Our legitimate interest in protecting our legal rights (Article 6(1)(f)). |
5. Who we share your personal data with
We share your personal data with the providers we use to run our business. We do not sell your personal data.
Our website, booking system, payment processing, and messaging are provided to us by Centraspot Limited (company number 17234696; ICO registration ZC155588), which acts as our data processor. Centraspot in turn uses sub-processors to deliver parts of the platform. The current list of sub-processors is:
| Sub-processor | What they do for us |
|---|---|
| Centraspot Limited | Our platform provider — runs the website, booking engine, dashboard, and messaging. |
| Supabase Inc. | Hosts our customer, booking, and pet data (UK region). |
| Stripe Payments UK Limited / Stripe Inc. | Processes payments you make for bookings. |
| Twilio Ireland Limited / Twilio Inc. | Delivers SMS and WhatsApp messages (where you have opted in). |
| WhatsApp Ireland Limited (Meta Platforms) | Operates the WhatsApp Business platform that delivers WhatsApp messages. |
| Resend, Inc. | Delivers our transactional emails. |
| Sanity.io | Stores the editable content of our website. |
| Netlify, Inc. | Hosts our website. |
| Cloudflare, Inc. | Provides DNS, bot protection (Turnstile), and edge delivery. |
| Functional Software, Inc. (Sentry) | Records errors so we can fix bugs in the platform. |
| Plausible Insights OÜ | Cookieless analytics on website visits (aggregate only). |
| Better Stack (Sukucode UAB) | Uptime monitoring. |
| Cron-job.org (Liftoff e.U.) | Triggers scheduled tasks on the platform. |
| Google Maps (Google Ireland Limited) | Only if we have enabled the map embed on our Contact page — provides the embedded map. |
This list reflects Centraspot's current sub-processors as published at centraspot.com/platform/privacy. Centraspot tells us when the list changes; we update this notice accordingly.
We may also share your personal data with: (a) HMRC and other regulators, where we are required to do so by law; (b) our professional advisers (for example, our accountant or solicitor), where it is reasonably necessary; and (c) any successor to our business, in the unlikely event we sell or transfer the business.
6. International transfers
Most of the sub-processors above are based in the United Kingdom or the European Economic Area. Some (notably Stripe, Twilio, Meta, Sentry, Netlify, Cloudflare, and Sanity) involve personal data being processed in the United States. For those transfers, Centraspot has put in place appropriate safeguards — the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses — to keep your personal data protected.
7. How long we keep your personal data
We keep your personal data only as long as we need it:
- Booking records and pet profiles — for as long as you are an active customer, and for a reasonable period afterwards (typically 3 years) to handle any follow-up. You can ask us to delete sooner — see section 8.
- Account login data — for as long as your account is active. If you delete your account, we delete the login data.
- Payment records — for at least six (6) years after the end of the financial year in which the payment was made, because we are required by HMRC to keep these.
- Messaging records — for two (2) years after the message was sent.
- Web server logs — for a short period (typically up to thirty days) for security and diagnostics.
8. Your rights
Under the UK GDPR you have the right to:
- ask for a copy of the personal data we hold about you;
- ask us to correct personal data that is wrong;
- ask us to delete personal data (we will delete unless we are required to keep it — for example, payment records we have to keep for HMRC);
- ask us to restrict our use of your personal data;
- object to our use of your personal data where we rely on legitimate interest;
- ask us to provide your personal data in a portable format (so you could move it to another provider);
- withdraw consent, where consent is the basis we rely on (for example, SMS or WhatsApp opt-in); and
- complain to the Information Commissioner's Office (see section 11).
To exercise any of these rights, email us at charlie.pickard@hotmail.com. We will respond within one calendar month. There is no charge for the first request.
9. Cookies
Our website does not set tracking cookies. We use only strictly necessary cookies — for example, to keep you signed in to your account on our website. Strictly necessary cookies do not require your consent.
We do not use Google Analytics, Facebook pixels, advertising cookies, or other third-party tracking on our website.
10. Changes to this notice
We may update this notice from time to time. The current version, and the date it took effect, is shown at the top of this page. If we make a material change, we will email you about it where we can.
11. Contact us, or complain
To exercise your rights, or to ask any question about how we handle your personal data, contact us:
Charlie Test 0115 Lynwood Drive
Email: charlie.pickard@hotmail.com · Phone: +447730398085
If you are not satisfied with how we have handled your concern, you can complain to the Information Commissioner's Office:
Information Commissioner's OfficeWycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
ico.org.uk · Helpline: 0303 123 1113