Privacy Policy

Last updated: 29 May 2026

1. Company Information

Company: Easycore Ltd

Address:
14 Ladeside Drive
Blackburn
EH47 7JS Bathgate
West Lothian
United Kingdom

Website: https://easycore.co.uk

Privacy contact: policy@easycore.co.uk

2. Introduction

Easycore Ltd ("we", "our", "us") operates the EasyCore platform and website.

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use:

• our website https://easycore.co.uk
• EasyCore software and services
• chat integrations (Facebook Messenger, WhatsApp)
• booking and communication tools

By using our services you agree to this Privacy Policy.

3. Information We Collect

We may collect the following information:

Personal Information

• Name
• Email address
• Phone number
• Company name
• Company address

Communication Data

• Chat messages
• Customer conversations
• Support messages
• Booking information

Platform Integration Data

When messaging through connected platforms we may receive:

• Facebook profile name
• WhatsApp phone number
• Operator names used for customer support

Technical Data

• IP address
• Browser type
• Device information
• Usage logs

Mobile App Data

• Mobile push notification token (FCM/APNs), where you sign in to the EasyCore mobile app and enable push notifications
• Device name and platform you provide when signing in to the mobile app
• Crash and diagnostic data (error reports, device model, OS version, app version), collected only if the mobile app is built with crash reporting enabled, to diagnose and fix faults

4. How We Use Your Information

We use collected information to:

• operate and maintain EasyCore services
• process customer chats and bookings
• provide customer support
• improve system performance
• maintain platform security
• comply with legal obligations
• send operational notifications, including mobile push notifications, to devices signed in to the EasyCore mobile app

Use of AI. AI processing is performed in-house on dedicated servers operated by Easycore Ltd in the United Kingdom. Conversation and customer data processed by our AI is not transmitted to external AI model providers for inference or training purposes. See our AI Processing Disclosure for details.

Lawful Basis for Processing

Under UK GDPR Article 6 we rely on the following lawful bases:

• Performance of a contract — operating and maintaining the EasyCore services, processing customer chats and bookings, providing customer support, and the in-house AI processing needed to deliver these features.
• Legitimate interests — maintaining platform security and monitoring, preventing abuse of free trials and quotas (including the 180-day re-registration lock described in section 7), and analysing and improving system performance. Our interest is in running a secure, reliable, fraud-resistant service; you may object at any time by emailing policy@easycore.co.uk.
• Legal obligation — retaining billing and accounting records for up to 6 years as required by UK law, and complying with lawful requests.
• Consent — non-essential cookies such as Google Analytics (see section 8) and any marketing contact. You can withdraw consent at any time, without affecting processing already carried out.

5. Third-Party Service Providers

To operate our services we may share limited data with trusted providers including:

• Stripe – payment processing
• Twilio – SMS and WhatsApp messaging
• Meta Platforms Inc. – Facebook Messenger
• Google – Google Analytics and Firebase Cloud Messaging (mobile push notifications)
• Apple – Apple Push Notification service, for push delivery to iOS devices where the iOS app is offered (routed via Firebase Cloud Messaging's APNs bridge)
• Sentry (Functional Software, Inc.) – mobile app crash and error reporting, where enabled
• Website hosting provider – static website and frontend hosting
• Infrastructure provider – application gateway and infrastructure hosting

These providers process data only as necessary to provide their services.

We comply with the Meta Platform Terms and Developer Policies when processing data received via Facebook Messenger.

6. Data Storage and International Transfers

Easycore Ltd's own infrastructure — including our AI servers and the systems that store your conversation, booking and account data — is located in the United Kingdom:

• our website hosting provider (static website and frontend only)
• dedicated AI servers operated by Easycore Ltd

Some of the third-party providers listed in section 5 — including Stripe, Twilio, Meta Platforms, Google, Apple and Sentry — may process limited personal data outside the United Kingdom or European Economic Area. Where such transfers occur, they are protected by appropriate safeguards, such as UK adequacy regulations, the UK Addendum to the EU Standard Contractual Clauses, or other approved transfer mechanisms operated by the relevant provider.

You can request a copy of the safeguards we rely on, or more information about a specific provider's transfer arrangements, by emailing policy@easycore.co.uk.

7. Data Retention

Typical retention periods:

• Chat conversations: up to 24 months
• Booking data (customer name, phone, email, services, notes, dates): up to 24 months from the most recent booking. After this period the personal fields are anonymised; financial and accounting bookkeeping is retained for legal compliance.
• System logs: up to 90 days
• Billing records: up to 6 years (UK legal requirement)

If you would like your booking data anonymised sooner than the 24-month window, contact policy@easycore.co.uk.

Retention after account closure

To prevent abuse of free trials and quotas, after you close your account we retain your company short name, company display name, and email address for 180 days. During that window the same identifiers cannot be re-registered. After 180 days these are purged automatically.

During the 180-day window we may contact you only for account, security, or service-administration matters (for example, to confirm closure, address an open billing item, or invite feedback on why you left). Marketing contact requires your separate consent.

You can request that we stop all contact at any time by emailing policy@easycore.co.uk. Doing so will suppress any outreach but, by design, will not shorten the 180-day re-registration lock — that lock exists for abuse-protection reasons independent of contact preferences. If you have a legitimate reason to re-register sooner, contact support and we will assess it on a case-by-case basis.

8. Cookies

We use essential cookies, required for:

• website functionality
• security
• session management

Essential cookies do not require consent. We also use analytics cookies (Google Analytics, loaded via Google Tag Manager) to understand website usage. Analytics cookies are set only after you opt in via our cookie banner; until then they are disabled by default using Google Consent Mode. The lawful basis for analytics cookies is your consent, which you can withdraw at any time. See our Cookie Policy for details.

9. User Rights (GDPR)

Under UK GDPR you have the right to:

• access your personal data
• correct inaccurate data
• request deletion of your data
• restrict processing
• request data portability
• lodge a complaint with the UK Information Commissioner's Office (ICO)

Requests can be sent to: policy@easycore.co.uk

For some of the data we handle — in particular messages, conversations, and platform identifiers from people who contacted one of our business customers via Facebook Messenger, WhatsApp, or similar channels — Easycore acts as a data processor on behalf of that business, which is the data controller. If your request concerns this kind of data, we will forward it to the relevant business customer and act on their instructions; you may also need to contact that business directly. If you simply want your data deleted, you can use the routes described in section 10 below. For data where Easycore is the controller (for example, account and website-usage data), we action your request ourselves.

10. Facebook-Initiated Data Deletion

If you messaged a Facebook Page operated by one of our customers and want us to delete your data, you can request deletion directly from Facebook:

• Open your Facebook Settings & Privacy → Settings → Apps and Websites
• Locate EasyCore in the list and choose Remove
• When prompted, select the option to also request data deletion

Facebook will send us a signed deletion request. We then remove your Messenger conversations and associated session records from our systems and return a confirmation code you can use to check progress at https://ec.easycore.co.uk/facebook/data-deletion/status.

You can also request deletion at any time by emailing policy@easycore.co.uk.

11. Data Security

We use appropriate technical and organisational security measures including:

• encrypted connections (HTTPS)
• restricted server access
• secure hosting infrastructure
• system monitoring

12. Children's Privacy

Our services are not intended for users under the age of 16.

13. Updates to This Policy

We may update this Privacy Policy periodically.

The latest version will always be available at: https://easycore.co.uk/privacy-policy