Privacy Policy
Last updated: 17 March 2026
1. Overview
MAYORDOMOLocal ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how long we keep it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
The data controller is MAYORDOMOLocal, operating at hello@www.mayordomolocal.com. If you have any questions about how we handle your data, please contact us at that address.
2. Data We Collect
We collect the following categories of personal data:
- •Account data: name, email address, and (optionally) phone number — provided when you register via Auth0.
- •Billing data: payment method details and billing address — collected and stored by Stripe on our behalf. We only store your Stripe customer ID and subscription status.
- •Audit data: business names, website URLs, and NAP (Name, Address, Phone) information you submit for SEO scanning.
- •Usage data: pages visited, features used, and interactions with the platform — collected via our own analytics system only with your consent (see Section 6).
- •Technical data: IP address, browser type, and device information — processed transiently for security and to deliver the service.
3. Lawful Basis for Processing
We process your data under the following lawful bases:
- •Contract (Article 6(1)(b)): Account and billing data are processed to provide the service you have signed up for, manage your subscription, and send transactional emails.
- •Legitimate interests (Article 6(1)(f)): Audit data and technical data are processed to deliver SEO results, detect abuse, and improve platform reliability. We have balanced these interests against your rights.
- •Consent (Article 6(1)(a)): Usage analytics are only collected after you explicitly accept via the cookie consent banner. You may withdraw consent at any time by clearing your
_ch_consentcookie or declining in your browser settings.
4. Retention Periods
| Data type | Retention |
|---|---|
| Account data | Until account deletion + 30 days |
| Billing records | 7 years (UK tax law) |
| Audit data | Duration of subscription + 90 days |
| Usage analytics | 13 months rolling |
| GDPR export files | 30 days after generation |
5. Your Rights
Under UK GDPR you have the following rights, exercisable by emailing hello@www.mayordomolocal.com:
- •Access (Article 15): Request a copy of all personal data we hold about you.
- •Rectification (Article 16): Ask us to correct inaccurate or incomplete data.
- •Erasure (Article 17): Request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
- •Portability (Article 20): Receive your audit data in a machine-readable JSON format.
- •Restriction (Article 18): Ask us to pause processing while a dispute is resolved.
- •Objection (Article 21): Object to processing based on legitimate interests.
- •Withdraw consent: Where we rely on consent (analytics), you can withdraw at any time without affecting the lawfulness of prior processing.
We will respond to rights requests within 30 days. If you are unhappy with our response, you may lodge a complaint with the Information Commissioner's Office (ICO).
7. Third-Party Processors
We share personal data with the following sub-processors, each governed by a Data Processing Agreement:
- • Auth0 (Okta) — authentication and identity management. Processes account credentials and session tokens. Data stored in the EU. Privacy policy.
- • Stripe — payment processing and subscription management. Processes billing details and payment instrument data. PCI DSS Level 1 certified. Privacy policy.
- • MAYORDOMOLocal Analytics — our own first-party analytics system. Collects page views and interaction events. No data is shared with third-party advertising networks. Consent required (see Section 6).
We do not sell your personal data to any third party, and we do not use your data for advertising profiling.
8. Contact & Data Requests
For any privacy-related questions, data subject access requests, or erasure requests, please contact us at:
We aim to respond to all requests within 30 days. For complex requests this may be extended by a further two months, in which case we will notify you within the initial 30-day period.
You also have the right to lodge a complaint directly with the UK supervisory authority: the Information Commissioner's Office (ICO).