Handover
Login

Privacy Policy

Last updated: 6 January 2026

1. Introduction

Handover ("we", "us", or "our") is committed to protecting your privacy and complying with applicable data protection laws, including UK GDPR and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, share, store, and protect your personal data when you use our website and services.

2. What Personal Data We Collect

We collect personal data you provide directly and information collected automatically:

Data you provide directly

  • Account details (name, email, company)
  • Content and files you upload to our service
  • Communications you send to us (support requests, feedback)

Automatically collected data

  • Usage and analytics data (e.g. pages visited, device and browser details, IP address)
  • Cookies and tracking technologies (consented where required)

3. How We Use Your Personal Data

We use your information to:

  • Provide, maintain, and improve our services
  • Process your requests and transactions
  • Communicate with you, including service updates and marketing (where consented)
  • Protect our services and users from fraud, abuse, or security issues
  • Comply with legal obligations

4. Lawful Basis for Processing

We rely on one or more lawful bases under UK GDPR, including:

  • Performance of a contract: to fulfil our service obligations
  • Consent: where you have given consent (e.g., marketing emails)
  • Legitimate interests: for improving services, analytics, and security
  • Legal obligations: to comply with applicable laws and respond to legal requests

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate our service, analyse usage, and improve performance. Some cookies are essential, and others require your consent. For detailed cookie information and how to manage your preferences, please see our Cookie Policy.

6. Sharing and Disclosure of Personal Data

We may share your data with:

  • Service providers and partners who help operate the service (hosting, analytics, email delivery)
  • Legal authorities or third parties if required by law or to protect rights and safety
  • Business transfers: if the business is sold or reorganised, data may be part of transferred assets

We do not sell your personal data to third parties.

7. International Transfers

Your information may be processed outside the UK/EU, including by our service providers. Where this occurs, we ensure appropriate safeguards are in place (e.g., adequacy decisions or standard contractual clauses) to protect your data.

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this Privacy Policy, including to comply with legal obligations and resolve disputes. Specific retention periods vary depending on the type of data and purpose of processing.

9. Your Rights

Under UK GDPR, you may have the right to:

  • Access your personal data
  • Correct or update inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Withdraw consent at any time (where processing is based on consent)
  • Data portability
  • Lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your rights are not upheld

To exercise your rights, please contact us at privacy@hndvr.io.

10. Security

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration. However, no system is totally secure and we cannot guarantee absolute protection.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The updated policy will be posted with a revised "Last updated" date. Significant changes will be communicated where required.