Jump to section
The short version
- We only collect information you knowingly give us, plus basic technical data for security and analytics.
- We never sell your information and never share it for third-party marketing.
- Enquiry data is kept for up to 24 months; customer data while you're with us, plus what tax law requires.
- You have the full set of UK GDPR rights, including access, correction and erasure.
1Who we are
Brolly Technologies Ltd ('Brolly', 'we', 'us', 'our') is the data controller for the personal information you provide through this website and our services. Our registered office is in Leeds, United Kingdom.
2What we collect
We only collect information that you knowingly give us. This includes:
- Your name, work email, organisation, and role when you book a demo or get in touch.
- Any details you include in the enquiry message, such as your care sector or the challenge you want to solve.
- Basic technical information automatically collected by our web server (IP address, browser type, and pages visited) for security and analytics.
We do not use third-party advertising trackers and we do not build behavioural profiles for marketing purposes.
3How we use it
We use your information to:
- Respond to demo requests and business enquiries.
- Provide the service you've asked for, including follow-up conversations, consultancy and training.
- Improve this website and the Brolly platform by analysing usage patterns in aggregate.
- Comply with our legal obligations, including our duties as a processor under UK data protection law.
4Legal basis
We rely on your consent when you submit a form, and on our legitimate interest in running and improving our business for routine operational processing.
5How long we keep it
| Data type | Retention period |
|---|---|
| Enquiry records | Up to 24 months after the last contact |
| Customer records | Duration of the relationship plus the period required by tax and accounting law (typically six years) |
| Server logs | Up to 90 days |
| Backups | Rolling 35-day window, then automatically deleted |
6Your rights
Under UK GDPR you have the right to:
- Access the personal information we hold about you.
- Request correction of any inaccuracies.
- Ask us to erase your information where it is no longer needed.
- Object to or restrict processing.
- Lodge a complaint with the Information Commissioner's Office (ico.org.uk).
To exercise any of these rights, email hello@brolly.co.uk and we'll respond within one calendar month.
7Cookies
This site uses a small number of strictly necessary cookies to make it work (for example, to keep an admin user signed in). It does not use third-party advertising or behavioural tracking cookies.
We use a privacy-respecting analytics setup that records aggregate page-view data without setting cross-site identifiers.
8Security
We use industry-standard encryption in transit (HTTPS) and at rest for sensitive data. Administrative access is protected with unique accounts, strong password hashing, and an audit log of every action.
Where Brolly acts as a processor for customer data inside the platform, additional protections apply under the relevant data processing agreement and our AI Safety Policy.
9Changes
We may update this policy from time to time. The 'Last updated' date in the hero shows when the latest change was made. Material changes will be communicated to existing customers by email.
10Contact
For any privacy question, or to make a data subject request, contact us:
Data Protection contact
Use the form on this site to contact us for any privacy or data subject request. We respond within a few days.