Privacy Policy

Last updated: March 2026

1. Who We Are

Receev is operated by Receev Ltd, registered in England and Wales (Company No. 17055403), registered office at 3rd Floor, 86-90 Paul Street, London, England, United Kingdom, EC2A 4NE. We are the data controller for personal data processed through this platform.

Questions about this policy? Contact our data team at privacy@receev.uk.

2. Data We Collect

We collect the following categories of personal data:

  • Account data: Name, email address, phone number, business name and address.
  • Identity verification data: Date of birth and government ID (collected and held by Stripe on our behalf).
  • Financial data: Bank account details (held by Stripe), invoice amounts, payment history.
  • Client data: Name, email, phone, and address of clients you add to Receev.
  • Usage data: IP address, browser type, pages visited, and actions taken within the platform.

3. How We Use Your Data

We use your data to:

  • Provide and operate the Receev platform
  • Process payments and manage your Stripe connected account
  • Send transactional emails (invoices, payment confirmations, reminders)
  • Comply with legal and regulatory obligations
  • Prevent fraud and ensure platform security
  • Improve our service through anonymised analytics

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following legal bases:

  • Contract: Processing necessary to provide the Receev service you have signed up for.
  • Legal obligation: Compliance with financial regulation and anti-money laundering requirements.
  • Legitimate interests: Fraud prevention, platform security, and service improvement.

5. Data Sharing

We share data with the following third parties:

  • Stripe: Payment processing and identity verification. Stripe processes data under their own Privacy Policy.
  • Supabase: Database hosting. Data is stored in EU-region data centres.
  • Email service provider: For sending transactional emails on your behalf.

We do not sell your personal data to any third party.

6. Data Retention

We retain your account data for as long as your account is active and for 7 years thereafter, as required by UK financial regulations. Invoice and payment records are kept for 7 years to comply with HMRC requirements. You may request deletion of non-financial data at any time.

7. Your Rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention obligations)
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with the ICO (ico.org.uk)

To exercise any of these rights, contact us at privacy@receev.uk.

8. Cookies

We use essential cookies to keep you logged in and maintain your session. We do not use advertising or tracking cookies. See our Cookie Policy for full details.

9. Security

We use industry-standard security measures including TLS encryption in transit, encrypted database storage, and role-based access controls. Payment card data is never stored on Receev — it is handled entirely by Stripe.

10. Changes to This Policy

We will notify you of material changes to this policy by email at least 14 days before they take effect.