Privacy Policy

This Privacy Policy explains how HALT Technologies Ltd (HALT, we, us, or our) collects, uses, stores, and protects your personal data when you use the HALT mobile application and website (halt-app.com). We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

HALT Technologies Ltd is the data controller for your personal data.

Registered address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

Contact email: [INSERT PRIVACY EMAIL]

2. What Data We Collect

2.1 Account Data

• Name and email address when you create an account
• Password (stored in encrypted form — we never see your plain text password)
• Phone number (optional, if provided during setup)

2.2 Financial Data (via Open Banking)

When you connect your bank account using Open Banking (provided by TrueLayer), we collect:

• Your bank account balance
• Your transaction history, including merchant names, amounts, dates, and transaction categories

This data is accessed on a read-only basis. We do not have access to move, transfer, or modify your funds under any circumstances.

2.3 App Usage Data

• Spending rules you set within the app
• Your discipline streak and challenge progress
• Weekly spending limits you configure
• PIN (stored in encrypted form)

2.4 Technical Data

• Device type and operating system
• App version
• Error logs and crash reports

3. How We Use Your Data

We use your personal data for the following purposes:

• To provide and operate the HALT app and its features
• To display your bank balance and categorised transactions within the app
• To track your spending rules, streak, and challenges
• To process your subscription payment via Stripe
• To send you service-related communications (such as launch updates or account notices)
• To improve the app based on usage patterns and error reports
• To comply with legal obligations

4. Legal Basis for Processing

We process your data on the following legal bases under UK GDPR:

• Contract: Processing necessary to provide the HALT service you have signed up for
• Legitimate interests: Improving our service and ensuring app security
• Consent: Where you have explicitly agreed, such as connecting your bank via Open Banking
• Legal obligation: Where we are required to process data to comply with the law

5. Open Banking and TrueLayer

We use TrueLayer, a regulated Open Banking provider authorised by the Financial Conduct Authority (FCA), to securely connect to your bank account. When you connect your bank:

• You will be redirected to your bank's secure login to grant read-only access
• TrueLayer retrieves your transaction data and balance on our behalf
• We store your transactions in our secure database (Supabase) to power the app features

TrueLayer acts as a data processor on our behalf. You can revoke bank access at any time from within the app or directly through your bank.

TrueLayer's privacy policy is available at: truelayer.com/privacy-policy

6. Subscription and Payments

Subscription payments are processed by Stripe, a PCI-compliant payment processor. HALT does not store your card details. When you subscribe:

• Your payment details are handled entirely by Stripe
• We receive confirmation of successful payment and update your subscription status
• Stripe may store your billing information in accordance with their privacy policy

Stripe's privacy policy is available at: stripe.com/gb/privacy

7. Data Sharing

We do not sell, rent, or trade your personal data. We share data only with trusted third-party service providers necessary to operate HALT:

• TrueLayer — Open Banking data provider
• Stripe — Payment processing
• Supabase — Secure cloud database and authentication
• Netlify — Website hosting

All third parties are contractually required to handle your data securely and in compliance with applicable data protection law.

8. Data Retention

We retain your personal data for as long as your account is active or as required to provide the service. If you delete your account:

• Your personal data will be deleted within 30 days
• Transaction data retrieved via Open Banking will be deleted from our systems
• Some data may be retained for legal or compliance purposes where required by law

9. Data Security

We take security seriously and implement appropriate technical and organisational measures to protect your data, including:

• Encryption of passwords and PINs at rest
• HTTPS encryption for all data in transit
• Row-level security on our database so users can only access their own data
• Read-only Open Banking access — we cannot move or touch your money

10. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of access — request a copy of the data we hold about you
• Right to rectification — ask us to correct inaccurate data
• Right to erasure — request deletion of your data (right to be forgotten)
• Right to restrict processing — ask us to limit how we use your data
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests
• Right to withdraw consent — where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, contact us at: [INSERT PRIVACY EMAIL]

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

11. Cookies

The HALT website (halt-app.com) uses only essential cookies necessary for the site to function. We do not use tracking, advertising, or analytics cookies. No cookie consent banner is required as only strictly necessary cookies are used.

12. Children's Privacy

HALT is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notice. The date at the top of this document will always reflect the most recent update.

14. Contact Us

For any privacy-related questions or to exercise your rights, please contact:

HALT Technologies Ltd
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Email: [INSERT PRIVACY EMAIL]