Privacy Policy

Last updated: 15 June 2026

HostCert ("we", "us") provides a certificate tracking and reminder service for UK short-term let hosts. This policy explains how we handle your personal data under UK GDPR.

Who we are

HostCert is operated as part of the Steve business a day experiment portfolio. Contact: support@hostcert.co.uk.

Data we collect

• Account & contact: name, email, phone (optional)
• Property data: addresses or nicknames, certificate expiry dates, platform names
• Payment: processed by Stripe — we do not store full card details
• Website: basic analytics (if enabled) — page views, referrer, device type

Why we use your data

• To set up and maintain your compliance dashboard
• To send expiry reminder emails you have requested
• To process subscriptions and support requests
• To improve the service

Legal basis

We process data based on contract (providing the service), legitimate interests (operating and improving HostCert), and consent where required (e.g. marketing — we do not send marketing without opt-in).

Sharing

We use subprocessors including Stripe (payments), FormSubmit (form delivery), and email providers. We do not sell your data.

Retention

We keep account and certificate data while you are a customer, plus up to 12 months after cancellation unless law requires longer retention.

Your rights

You may request access, correction, deletion, or restriction of your data, or object to processing. Email support@hostcert.co.uk. You may complain to the ICO (ico.org.uk).

Security

We use HTTPS, limit access to customer data, and store the minimum needed to run the service.

Cookies

This site uses essential cookies only unless analytics are enabled. Analytics cookies (if used) help us understand traffic — you can block them in your browser.

← Back to homepage