Wasteify Privacy Policy

Effective Date: 01 February 2026.

This Privacy Policy explains how personal data is collected, used, stored, and protected when using the Wasteify software platform (“Platform”).

Wasteify is operated by:

Real Time Analysis Software Limited
Company Number: 12505045
Registered in England & Wales
(“RTAS”, “we”, “us”, “our”).

This Privacy Policy applies to all users of the Wasteify Platform, website, and associated services.

1. Roles Under Data Protection Law

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018:

• Customers of Wasteify act as Data Controllers
• Real Time Analysis Software Limited acts as Data Processor

Customers determine the purpose and lawful basis for processing personal data uploaded to the Platform. RTAS processes personal data strictly on customer instruction in order to deliver the Platform.

2. Personal Data We Process

Depending on how the Platform is used, we may process the following categories of personal data:

Account and user information, including names, email addresses, phone numbers, job roles, and login credentials.

Business and operational data, including company details, site details, vehicle information, waste records, transport documentation, and compliance data.

User-generated content, including uploaded documents, images, digital signatures, notes, and references.

System and usage data, including audit logs, timestamps, device information, IP addresses, and activity records.

RTAS does not intentionally collect special category data unless explicitly entered by the customer as part of their operational workflows.

3. How We Use Personal Data

Personal data is processed solely for the purpose of providing, maintaining, and improving the Wasteify Platform, including:

  • Delivering platform functionality and features.
  • Managing user accounts and access permissions.
  • Generating reports, records, and documentation.
  • Providing customer support and system maintenance.
  • Ensuring platform security, integrity, and performance.
  • Meeting legal and regulatory obligations where applicable.

We do not sell, rent, or trade personal data.

4. Lawful Basis for Processing

RTAS processes personal data under the following lawful bases:

Performance of a contract, where processing is necessary to deliver the Platform.

Legitimate interests, including maintaining system security, preventing misuse, and providing support.

Legal obligation, where processing is required to comply with applicable law.

Customers, as Data Controllers, are responsible for identifying and documenting their own lawful basis for data they upload.

5. Data Access & Internal Controls

Access to customer data is restricted to authorised RTAS personnel only.

RTAS personnel may access customer databases strictly for:

  • Technical support
  • Maintenance and fault resolution
  • System monitoring
  • Data integrity and performance assurance

All access is controlled, logged, and limited to what is necessary to perform these functions.

6. Data Retention

Customer data remains available within the Platform for the duration of an active subscription.

Platform databases are backed up daily for disaster recovery and operational resilience. Backup copies are retained for 14 days and are then automatically and permanently destroyed.

Upon termination of an account, customers may request a data export within a reasonable period. Following this, data is securely deleted unless retention is required by law.

Customers are responsible for defining and managing their own data retention obligations.

7. Data Security

RTAS implements appropriate technical and organisational measures to protect personal data, including:

  • Encrypted data transmission.
  • Secure cloud infrastructure.
  • Role-based access controls.
  • Authentication and authorisation safeguards.
  • System monitoring and audit logging.
  • Daily backups with limited retention.

While reasonable steps are taken to protect data, no system can be guaranteed completely secure.

8. Sub-Processors & Third Parties

To deliver the Platform, RTAS uses vetted third-party service providers (“sub-processors”), including:

Cloud infrastructure and hosting providers (e.g. Google Cloud services).
Email delivery services (e.g. SendGrid).
Payment processing providers (e.g. Stripe, when integrated).

All sub-processors are contractually bound to comply with UK data protection requirements and process data only on our instructions.

A current list of sub-processors is available on request.

9. International Transfers

Where data is processed outside the UK, appropriate safeguards are in place, including standard contractual clauses or equivalent protections required under UK GDPR.

10. Data Subject Rights

Where RTAS acts as Data Processor, data subject rights requests should be directed to the Customer acting as Data Controller.

Where RTAS receives a data subject request directly, we will notify the relevant Customer without undue delay and provide reasonable assistance where required.

11. Cookies & Tracking

The Wasteify Platform may use essential cookies and similar technologies to enable authentication, security, and core functionality.

We do not use cookies for advertising or profiling purposes.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes.

The most current version will be made available within the Platform or on our website. Continued use of the Platform constitutes acceptance of the updated Privacy Policy.

13. Contact Details

For privacy-related queries, contact:

Real Time Analysis Software Limited
Company Number: 12505045
Email: info@mydatacrate.co.uk
Registered Address: Office 113 Bizspace Theale, Merlin House, Reading, Berkshire, England, RG7 4SA