Skip to main content
gazetted

Privacy policy

Last updated: 18 March 2026

1. Who we are

gazetted is a trading name of Public Notice Systems Ltd (company number 17066508), registered in England and Wales. We are the data controller for personal data processed through our platform. Our ICO registration number is 00013564983.

Contact: notices@gazetted.co.uk

2. What data we collect

We collect the following categories of personal data:

  • Account information: name, email address, company name, phone number, and password (stored in hashed form).
  • Order information: details you provide when placing a statutory notice, including applicant names, addresses, company details, deceased person details (for probate notices), and contact information.
  • Payment information: payment card details are processed by Stripe and are not stored on our servers. We retain transaction references and amounts.
  • Usage data: IP address, browser type, pages visited, and timestamps for security and analytics purposes.
  • Cookies: we use essential cookies (session authentication, cookie consent preference) and optional analytics cookies. See section 11 below for details.

3. How we use your data

We process your personal data for the following purposes:

  • To provide our statutory notice placement service, including generating, placing, and certifying newspaper and Gazette notices.
  • To communicate with you about your orders, including sending proofs, confirmations, and certificates.
  • To process payments through our payment processor, Stripe.
  • To comply with legal obligations, including record-keeping requirements.
  • To improve our services and develop new features.

4. Legal basis for processing

We process your personal data on the following legal bases:

  • Contract performance: processing necessary to fulfil our contract with you to place statutory notices.
  • Legal obligation: processing required to comply with applicable laws.
  • Legitimate interests: improving our services, preventing fraud, and ensuring platform security.
  • Consent: for marketing communications, which you can withdraw at any time.

5. Who we share data with

We share personal data with the following categories of recipients:

  • Newspaper publishers: the notice text and applicant details necessary for publication.
  • The London Gazette: notice text and applicant details for Gazette publications.
  • Stripe: payment processing (Stripe's privacy policy applies to payment data).
  • Resend: email delivery service for transactional emails.
  • Supabase: database hosting (data stored in AWS eu-west-1, Ireland).
  • Vercel: application hosting and content delivery.
  • Sentry: error monitoring (may capture IP addresses and technical context when errors occur).

We do not sell your personal data to third parties. We do not share your data for marketing purposes without your explicit consent.

6. Data retention

We retain order data for a minimum of 7 years for legal and regulatory compliance. Account data is retained for as long as your account is active. You may request deletion of your account and associated data, subject to our legal retention obligations.

7. Your rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Erase your personal data (subject to legal retention requirements)
  • Restrict processing of your personal data
  • Data portability
  • Object to processing based on legitimate interests
  • Withdraw consent at any time

To exercise any of these rights, contact us at notices@gazetted.co.uk.

8. Data security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS), hashed passwords, access controls, and regular security reviews.

9. International transfers

Some of our service providers (such as Stripe and Resend) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses.

10. Cookies

We use the following cookies:

  • Session cookie (authjs.session-token): essential for keeping you signed in. Expires when you close your browser or after 8 hours.
  • Cookie consent (cookie-consent): records your cookie preference. Expires after 12 months.
  • CSRF token (authjs.csrf-token): essential for form security. Session cookie.

We do not use third-party advertising or tracking cookies. You can manage your cookie preferences at any time using the cookie banner or your browser settings.

11. Changes to this policy

We may update this privacy policy from time to time. We will notify registered users of material changes by email. The "last updated" date at the top of this page will be revised accordingly.

12. Contact and complaints

If you have questions about this privacy policy or wish to make a complaint, contact us at notices@gazetted.co.uk. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.