Privacy Policy

1.1 The controller responsible for the processing of personal data on bettercancel.app (the “Service”) within the meaning of the EU General Data Protection Regulation (GDPR), the UK GDPR, and the German Federal Data Protection Act (BDSG) is:

Westmere Collective Ltd · Company No. 16867078 · Registered in England & Wales · Email: support@bettercancel.app

1.2 For all data protection matters — including the exercise of your rights under Section 8 — please contact us at support@bettercancel.app.

1.3 We have not appointed a statutory Data Protection Officer, as the legal thresholds under Art. 37 GDPR and § 38 BDSG are not met. Our internal data protection contact can nonetheless be reached at the email above.

2.1 This Privacy Policy explains what personal data we collect when you visit our website or use the Service, how we use it, on what legal basis, with whom we share it, and what rights you have.

2.2 We process personal data only where a legal basis under Art. 6 (1) GDPR applies and strictly for the purposes set out below. We follow the principles of data minimisation, purpose limitation, transparency, and storage limitation.

2.3 All data transmission between your device and our servers is protected by 256-bit SSL/TLS encryption.

3.1 Accessing the Website (Server Log Files)

When you visit bettercancel.app, our hosting provider automatically collects technical data necessary for the secure delivery of the website:

• IP address (anonymised after session end where technically possible)
• Date and time of the request
• Requested URL / referrer URL
• Browser type, browser version, operating system
• HTTP status code and transferred data volume

Purpose: Delivery of the website, ensuring stability and IT security (e.g. detection of attacks). Legal basis: Art. 6 (1) lit. f GDPR — legitimate interest in operating a secure and functional website. Storage period: Maximum 7 days, then automatic deletion or anonymisation, unless a security incident requires longer retention.

3.2 Creating a Cancellation Letter (Core Service)

To generate your cancellation letter, we process the data you enter into the form:

• Your full name, postal address, email address
• Where relevant: date of birth, phone number
• Name and address of the recipient company you wish to cancel
• Contract data (contract number, customer number, contract start date, desired termination date, type of contract)
• Free-text fields you choose to fill in

Purpose: Generation, delivery, and — for paid tiers — dispatch of your cancellation letter. Legal basis: Art. 6 (1) lit. b GDPR — performance of a contract / pre-contractual measures at your request. Storage period: See Section 6.

3.3 Email Verification

We process your email address to send a verification link. This step is required before any document is generated or dispatched.

Purpose: Identity check, abuse prevention, secure delivery of the PDF. Legal basis: Art. 6 (1) lit. b GDPR (contract performance) and Art. 6 (1) lit. f GDPR (legitimate interest in preventing misuse of the Service).

3.4 Payment Processing (Paid Tiers)

For the Registered Mail (€14.99) and Lawyer Proof (€49.99) tiers, payment is handled by external payment service providers (e.g. Stripe, PayPal — see Section 5.2). We do not store full credit card or bank account details on our servers. We receive only the transaction confirmation and the data necessary for invoicing.

Purpose: Processing payments, fulfilling tax and accounting obligations. Legal basis: Art. 6 (1) lit. b GDPR (contract performance) and Art. 6 (1) lit. c GDPR (legal obligation under tax and commercial law). Storage period: Invoicing data is retained for 10 years in accordance with §§ 147 AO (Germany) and UK statutory bookkeeping requirements.

3.5 Registered Mail Dispatch

If you book the Registered Mail tier, your cancellation letter and the recipient’s postal address are transmitted to our postal partner (Deutsche Post / Royal Mail or equivalent) for printing and registered delivery. Legal basis: Art. 6 (1) lit. b GDPR.

3.6 Lawyer Proof Dispatch

If you book the Lawyer Proof tier, your cancellation email is sent to the recipient company with a licensed lawyer in BCC as a witness for proof of dispatch. The lawyer receives a copy of the email solely as a passive witness and does not provide legal advice. The lawyer is bound by professional confidentiality and processes the data as an independent controller for the documentation purpose. Legal basis: Art. 6 (1) lit. b GDPR (contract performance) and Art. 6 (1) lit. f GDPR (legitimate interest in independent proof of dispatch).

3.7 Support Communication

If you contact us by email (support@bettercancel.app), we process your message, your email address, and any data you voluntarily provide. Purpose: Responding to your enquiry. Legal basis: Art. 6 (1) lit. b GDPR if your request relates to a contract, otherwise Art. 6 (1) lit. f GDPR (legitimate interest in answering enquiries). Storage period: Up to 24 months after the enquiry is closed, unless statutory retention periods require longer storage.

3.8 Reviews and Testimonials

Where customer reviews are displayed on the website (e.g. “S. M., London”), we use only data the customer has explicitly consented to publish. Legal basis: Art. 6 (1) lit. a GDPR (consent), revocable at any time.

4.1 Strictly necessary cookies are used to maintain your session, remember your language choice (DE/EN), and ensure the basic functionality of the Service. Legal basis: § 25 (2) TTDSG / Art. 6 (1) lit. f GDPR — these cookies do not require consent.

4.2 Analytics or marketing cookies are only set after you have given your explicit consent via our cookie banner. Legal basis: § 25 (1) TTDSG / Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time via the cookie settings on our website.

4.3 You can manage or delete cookies at any time through your browser settings.

5.1 Processors

We use carefully selected service providers (“processors” within the meaning of Art. 28 GDPR), who process data exclusively on our behalf and on the basis of a data processing agreement:

• Hosting and infrastructure provider (EU / UK servers)
• Email delivery provider (for verification mails and PDF delivery)
• Payment service providers (e.g. Stripe, PayPal)
• Postal partner (Deutsche Post, Royal Mail or equivalent) — Registered Mail tier
• Cooperating law firm — Lawyer Proof tier (independent controller for the documentation function)
• Customer support tooling (helpdesk software)

5.2 Third-Country Transfers

Where a processor is located outside the EU / UK (e.g. servers in the USA), the transfer is safeguarded by:

• an adequacy decision of the EU Commission / UK government, where available, or
• EU Standard Contractual Clauses (SCCs) in accordance with Art. 46 (2) lit. c GDPR, in combination with appropriate additional safeguards.

A copy of the relevant safeguards can be requested at support@bettercancel.app.

5.3 Disclosure to Authorities

We disclose personal data to public authorities only where we are legally obliged to do so (Art. 6 (1) lit. c GDPR).

Once the purpose ceases and no statutory retention period applies, data is deleted or anonymised.

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

Subject to the conditions of the GDPR / UK GDPR, you have the following rights:

• Right of access (Art. 15 GDPR): obtain confirmation as to whether we process data concerning you and, if so, a copy of that data.
• Right to rectification (Art. 16 GDPR): correction of inaccurate or incomplete data.
• Right to erasure / “right to be forgotten” (Art. 17 GDPR): deletion of your data where the legal conditions are met.
• Right to restriction of processing (Art. 18 GDPR).
• Right to data portability (Art. 20 GDPR): receipt of the data you provided in a structured, commonly used, machine-readable format.
• Right to object (Art. 21 GDPR) to processing based on Art. 6 (1) lit. f GDPR, in particular against direct marketing.
• Right to withdraw consent (Art. 7 (3) GDPR) at any time with effect for the future, where processing is based on consent.

To exercise these rights, please contact support@bettercancel.app. We will respond within one month in accordance with Art. 12 (3) GDPR.

8.1 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

• United Kingdom: Information Commissioner’s Office (ICO), https://ico.org.uk
• Germany: The competent state data protection authority of your federal state — a list is available at https://www.bfdi.bund.de

9.1 We employ appropriate technical and organisational measures (TOMs) under Art. 32 GDPR to protect your data against unauthorised access, loss, manipulation, or destruction, including:

• 256-bit SSL/TLS encryption of all data transmission
• Encrypted storage of sensitive data at rest
• Access controls and the principle of least privilege for our staff
• Regular security reviews and patch management
• Strict processor contracts (Art. 28 GDPR)

9.2 No transmission over the internet can be guaranteed to be 100% secure. In the event of a personal data breach with a likely risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours and, where required, inform affected individuals (Art. 33, 34 GDPR).

The provision of personal data is partly required by law (e.g. tax law) or arises from contractual necessity (e.g. drafting a cancellation letter). Without the data marked as mandatory in the form, we cannot generate or dispatch the cancellation. There is no obligation to use the Service.

We may update this Privacy Policy from time to time to reflect changes in the law or in our processing activities. The current version is always available on our website with the “Last updated” date at the top. Material changes will be communicated to registered users by email at least 30 days before they take effect.