← Back to home

Privacy Policy

Last updated: July 2026

1. Who we are

This service is operated by BAV Tech Solutions ("we", "us", "our"). We provide the Local Enquiry Audit tool at this website. For any privacy-related queries, please contact us at support@bavtechsolutions.com.

We are the data controller for the personal data you provide when using this service.

2. What data we collect

When you use the Local Enquiry Audit tool, we collect the following information:

  • Your business name and location
  • Your business type (optional)
  • Website URL, Facebook, Instagram, and Google Business links (if provided or discovered)
  • Phone number (if provided or discovered)
  • Business email address (if provided)
  • Your responses to the audit questions (main goal and current challenge)

If you purchase the full report, we also receive payment confirmation data from Stripe (our payment processor). We do not store your card details — these are handled entirely by Stripe.

We also collect basic technical data such as your IP address, used only for rate limiting and to protect the service from abuse. It is stored transiently, separately from your audit submission, and automatically deleted after a short period.

3. How we use your data

We use the information you provide to:

  • Generate your personalised local enquiry audit report
  • Process your payment (if you choose to unlock the full report)
  • Allow you to retrieve your report via the unique link we provide
  • Improve the accuracy and quality of our audit tool

We do not use your data for marketing purposes, and we do not sell or rent your personal data to any third party.

4. Legal basis for processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract performance — processing is necessary to provide the audit service you have requested, including delivering the report you paid for.
  • Consent — where you have explicitly ticked the consent checkbox before submitting your audit.
  • Legitimate interests — for technical security measures such as rate limiting to prevent abuse of our service.

5. Third-party services

We use the following third-party services to operate the tool:

  • Stripe — payment processing. Your payment details go directly to Stripe and are never stored on our servers. Stripe is PCI-DSS compliant. See Stripe's Privacy Policy.
  • Serper (Google Search & Places API) — used to automatically discover your business's public online presence, such as your website, social profiles and public Google listing details. Only your business name and location are sent to this API. Serper is a US-based provider. See Serper's website. Where enabled, we may also use the Google Places API for the same purpose.
  • Prisma / PostgreSQL — your audit data is stored securely in a managed PostgreSQL database.
  • Vercel — our website hosting and serverless platform, where audit requests are processed. On our current plan this processing takes place in the United States.

International transfers. Some of these providers (such as Serper and Stripe) are based outside the UK/EU, so limited data may be transferred internationally when you use the service. Where this happens, we only send the minimum necessary (for discovery, your business name and location), and these providers rely on appropriate safeguards such as UK/EU Standard Contractual Clauses to protect your data.

6. Data retention

Your audit data is retained for 12 months from the date of submission, after which it is permanently deleted. If you have purchased a full report, your payment record (held by Stripe) is subject to Stripe's own retention policy for financial and compliance purposes.

7. Your rights under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your data ("right to be forgotten")
  • Right to restriction — request we limit how we use your data
  • Right to object — object to processing based on legitimate interests
  • Right to portability — request your data in a portable format

To exercise any of these rights, contact us at support@bavtechsolutions.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Cookies

This site uses only essential cookies required for the service to function. Stripe sets cookies to process payments securely. We do not use analytics, advertising, or tracking cookies.

You can disable cookies in your browser settings, but this may prevent the payment flow from working correctly.

9. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

BAV Tech Solutions
Email: support@bavtechsolutions.com