Herts Pulse
← Herts Pulse

Privacy Policy

Last updated: 18 May 2026

Herts Pulse (“we”, “us”, “our”) operates the website at hertspulse.co.uk, an online business directory for Hertfordshire, England. This policy explains what personal data we collect, why, and what your rights are under the UK GDPR and Data Protection Act 2018.

Who we are

Herts Pulse is operated by BubblyBrainApps, a sole trader based in the United Kingdom. For any privacy-related question, contact us at privacy@hertspulse.co.uk.

What data we collect

Information you give us directly

  • Account datawhen you sign in: email address, name (from your Google account if you use “Continue with Google”), and any profile information you choose to add.
  • Business listing data when you claim or edit a listing: business name, address, phone, website, opening hours, photos, and a description.
  • Enquiry / lead form data when you contact a business through us: your name, email, optional phone number, and the message you sent.
  • Reviews you post: rating, title, body, and your account identifier.
  • Chat messages when you use an AI chat widget on a business listing or our pricing page: the message text and timestamp.
  • Payment data if you subscribe to a paid listing tier: handled directly by Stripe — we never see your full card details, only the last four digits and the subscription status.

Information collected automatically

  • Analytics via Google Analytics 4 (page views, device type, approximate location, referrer) and Microsoft Clarity (anonymised session recordings for UX improvement).
  • Cookies and similar technologiesfor authentication, session management, and analytics. See the “Cookies” section below.

Information from third parties

  • Business data from public sources such as Google Places, used to pre-populate free listings before they are claimed by their owner.
  • Profile data from Googleif you sign in with “Continue with Google”: email address, name, profile photo URL.

Why we use it (lawful basis)

PurposeLawful basis
Authenticating and managing your accountPerformance of a contract
Showing your business listing publiclyPerformance of a contract (claimed listings) / legitimate interest (unclaimed public-record listings)
Sending enquiry emails to businessesPerformance of a contract / legitimate interest
Payments and subscription managementPerformance of a contract
Site analytics and performance improvementLegitimate interest (with cookie consent where required)
Sending operational and marketing emailsConsent (marketing) / legitimate interest (operational)

Who we share it with

We share personal data only with the processors needed to run the service. None sell your data. All are bound by data processing agreements.

  • Supabase — our database and authentication provider (EU region).
  • Netlify — website hosting and serverless functions.
  • Stripe — payment processing.
  • Resend — transactional and notification email delivery.
  • OpenAI — generating listing descriptions, blog content, and answering chat queries. We do not send any personal data beyond what is needed (e.g. the chat message text). Chat data is not used to train OpenAI's models, per our API terms.
  • GoHighLevel — CRM and sales pipeline for business-owner leads.
  • Google Analytics 4 and Microsoft Clarity — anonymised usage analytics.
  • Google (Sign-In with Google) — if you choose this sign-in method, Google processes the authentication request.
  • Google Places API — used to enrich and discover business listings.
  • Brave Search API — used to discover business websites during listing enrichment.

We disclose data to law enforcement, regulators, or courts only when legally required.

International transfers

Some processors are based outside the UK (e.g. OpenAI and GoHighLevel in the US, Resend and Stripe with global infrastructure). Where data is transferred outside the UK or EEA, we rely on UK International Data Transfer Agreements, the EU US Data Privacy Framework (for participating providers), or equivalent safeguards.

How long we keep it

  • Account data: while your account is active, plus 24 months after closure.
  • Listing data: while the listing is published.
  • Leads and enquiries: 24 months from receipt, then deleted or anonymised.
  • Chat transcripts: 12 months from the last message.
  • Payment records: 7 years (UK financial record-keeping requirements).
  • Analytics: per Google Analytics 4 retention (default 14 months) and Microsoft Clarity (default 30 days for session recordings).

Your rights

Under UK GDPR you have the right to:

  • Access a copy of your personal data
  • Correct inaccurate data
  • Erase your data (“right to be forgotten”), subject to legal retention rules
  • Restrict or object to certain processing
  • Withdraw consent for marketing emails at any time
  • Receive your data in a portable format
  • Lodge a complaint with the Information Commissioner's Office (ico.org.uk)

To exercise any of these rights, email privacy@hertspulse.co.uk. We aim to respond within 30 days.

Cookies

We use cookies and similar technologies for three purposes:

  • Strictly necessary: keep you signed in, remember your preferences. Cannot be turned off.
  • Analytics: Google Analytics 4 and Microsoft Clarity. Used to understand site usage.
  • Third-party functional: e.g. Stripe's payment elements, embedded maps.

Most browsers let you block or delete cookies via their settings. Blocking strictly necessary cookies will prevent the site from functioning correctly.

Children

Herts Pulse is not directed at children under 13. We do not knowingly collect data from children. If you believe we have, contact us and we will delete it.

AI-generated content

Many business descriptions, headlines, and blog articles on Herts Pulse are generated by AI (OpenAI) from public information and reviewed before publishing. AI-generated content is labelled with a sparkle indicator. We strive for accuracy but errors are possible — if you spot one, email hello@hertspulse.co.uk.

Changes to this policy

We may update this policy from time to time. Material changes will be highlighted on the site or notified by email. The “Last updated” date above always reflects the current version.

Contact

BubblyBrainApps
Email: privacy@hertspulse.co.uk
For complaints: ICO — ico.org.uk — 0303 123 1113