Legal

Privacy Policy

Last updated: June 2025  ·  Lyme Software Group Ltd (trading as StageLoop)

Contents
  1. Who We Are
  2. What Data We Collect
  3. How We Use Your Data
  4. Legal Basis for Processing
  5. Data Sharing & Third Parties
  6. Data Retention
  7. Your Rights
  8. Cookies
  9. Event Attendee Data
  10. Security
  11. International Transfers
  12. Changes to This Policy
  13. Contact & Complaints
This Privacy Policy explains how Lyme Software Group Ltd (trading as StageLoop) collects, uses and protects personal data in connection with the StageLoop platform and website. We are committed to handling your data responsibly and in compliance with the UK GDPR and the Data Protection Act 2018.
01

Who We Are

Lyme Software Group Ltd (trading as StageLoop) is the data controller for personal data collected through our website and platform. We are registered in England and Wales.

If you have any questions about how we handle your data, please contact us at hello@stageloop.uk.

02

What Data We Collect

We collect different types of data depending on how you interact with us:

Category Data collected Source
Account data Name, email address, organisation name, password (hashed) Provided by you on registration
Billing data Payment method details, billing address, transaction history Provided by you; processed via our payment provider
Usage data Events created, viewer minutes consumed, storage used, feature usage Automatically collected through platform use
Technical data IP address, browser type, device information, log data Automatically collected
Communications Emails and messages sent to us Provided by you
Cookie data Session identifiers, preferences, analytics data Automatically collected — see Cookies section
03

How We Use Your Data

We use the data we collect to:

  • Create and manage your account and provide access to the platform
  • Process payments and manage billing, including overage charges
  • Send you important account notifications, usage alerts and service updates
  • Respond to your support requests and enquiries
  • Monitor and improve the performance and reliability of the platform
  • Detect and prevent fraud, abuse and security incidents
  • Comply with our legal and regulatory obligations
  • Send you marketing communications where you have given consent (you can opt out at any time)
04

Legal Basis for Processing

Under the UK GDPR, we rely on the following legal bases for processing your personal data:

  • Contract: Processing necessary to provide the service you have signed up for, including account management and billing.
  • Legitimate interests: Processing necessary for our legitimate business interests, such as fraud prevention, platform security and improving the service — where these interests are not overridden by your rights.
  • Legal obligation: Processing required to comply with applicable laws and regulations.
  • Consent: Where we rely on your consent, such as for marketing emails, you have the right to withdraw consent at any time.
05

Data Sharing & Third Parties

We do not sell your personal data. We may share your data with trusted third-party service providers who assist us in operating the platform, under strict data processing agreements:

  • Payment processing: We use a third-party payment provider to process card payments securely. Your full card details are not stored on our systems.
  • Video infrastructure: Live streaming and video delivery is powered by third-party video infrastructure providers.
  • Cloud storage: Recordings and associated data are stored with cloud infrastructure providers.
  • Email delivery: Transactional and notification emails are sent via a third-party email service.
  • Analytics: We may use analytics tools to understand how the platform is used in aggregate.

We may also disclose personal data where required to do so by law, court order or regulatory authority.

06

Data Retention

We retain your personal data for as long as your account is active or as needed to provide the service. Following account closure or termination:

  • Account data is retained for up to 90 days to allow for account recovery, then deleted.
  • Billing records are retained for 7 years in accordance with UK financial regulations.
  • Recordings and event content are retained for a period specified within your plan, after which they are permanently deleted.
  • Anonymised usage data may be retained indefinitely for analytical purposes.
07

Your Rights

Under the UK GDPR you have the following rights in relation to your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Ask us to correct inaccurate or incomplete data.
  • Right to erasure: Ask us to delete your personal data where there is no longer a lawful basis to hold it.
  • Right to restrict processing: Ask us to limit how we use your data in certain circumstances.
  • Right to data portability: Request your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Rights related to automated decision-making: We do not make solely automated decisions that have a significant effect on you.

To exercise any of these rights, please contact us at hello@stageloop.uk. We will respond within 30 days.

08

Cookies

We use cookies and similar tracking technologies on our website and platform. These include:

  • Essential cookies: Required for the platform to function, including session management and authentication. These cannot be disabled.
  • Preference cookies: Remember your settings and preferences across visits.
  • Analytics cookies: Help us understand how visitors interact with our platform so we can improve it. These are only set with your consent.

You can control non-essential cookies through your browser settings or our cookie consent tool. Note that disabling certain cookies may affect the functionality of the platform.

09

Event Attendee Data

When organisations use StageLoop to run events, they may collect personal data about their attendees through the platform — for example, names, email addresses and attendance records.

In this context, the organisation running the event is the data controller for attendee data, and StageLoop acts as a data processor on their behalf. Our handling of attendee data is governed by our Data Processing Agreement, which is available on request.

If you are an attendee at an event hosted on StageLoop and have questions about how your data is being used, you should contact the organisation that ran the event directly.

10

Security

We take the security of your data seriously. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These include:

  • Encryption of data in transit using TLS
  • Encryption of sensitive data at rest
  • Access controls limiting who within our organisation can access personal data
  • Regular security reviews and monitoring

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

11

International Transfers

Some of our third-party service providers are based outside the UK. Where we transfer personal data internationally, we ensure that appropriate safeguards are in place in accordance with UK GDPR requirements, such as standard contractual clauses or adequacy decisions.

12

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on the platform. The date at the top of this page reflects when the policy was last updated.

We encourage you to review this policy periodically to stay informed about how we protect your data.

13

Contact & Complaints

If you have any questions, concerns or requests regarding this Privacy Policy or our handling of your personal data, please contact us:

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.