Privacy Policy

Last updated: 14 February 2026

1. Data Controller

Amelia GB Ltd (Company Number 07124049) is the data controller for personal data collected through BankConverter.co.uk. Our registered office is at 76 High Street, Colliers Wood, London, SW19 2BY.

2. Information We Collect

We collect information you provide when registering: email address, name (optional), and company name (optional). If you sign in with Google, we receive your name, email, and Google account identifier. For paid plans, payment processing is handled by Stripe — we do not store credit card numbers.

3. Bank Statement Data

When you upload bank statements for conversion, the files are processed in server memory. Source PDF files are deleted immediately after conversion. Converted CSV files are stored temporarily (typically less than 1 hour) to allow download, then automatically deleted. We do not retain, analyse, or share the content of your bank statements.

4. How We Use Your Data

We use your personal information to provide and maintain the service, process payments, send service-related communications, track usage for plan limits, and improve our service. We do not sell your personal data or use it for advertising purposes.

5. Lawful Basis

We process your data based on: contractual necessity (to provide the service), legitimate interests (to improve and secure the service), and consent (where applicable, such as optional communications).

6. Data Sharing

We share data only with: Stripe (payment processing), Google (if you use Google login), and DigitalOcean (hosting infrastructure). We do not share your data with any other third parties unless required by law.

7. Data Retention

Account data is retained for as long as your account is active. Conversion logs (filename, bank detected, transaction count, date) are retained for 12 months for service improvement. Uploaded files are deleted immediately after processing.

8. Your Rights (UK GDPR)

Under UK data protection law, you have the right to: access your personal data, rectify inaccurate data, request deletion of your data, restrict processing, data portability, and object to processing. To exercise these rights, contact us via our contact page.

9. Cookies

We use essential session cookies to maintain your login state. We do not use tracking cookies, analytics cookies, or advertising cookies.

10. Security

We implement appropriate technical and organisational measures to protect your data, including: SSL/TLS encryption for all connections, hashed password storage (bcrypt), firewall protection, and regular security updates.

11. International Transfers

Your data is stored and processed on servers located in London, UK. Payment data is processed by Stripe in accordance with their privacy policy and applicable data transfer mechanisms.

12. Changes

We may update this policy from time to time. Material changes will be communicated via email. Continued use of the service constitutes acceptance of the revised policy.

13. Contact

For privacy-related enquiries, contact us at our contact page or email office@ameliagb.com.