Last updated: January 2026
This Privacy Policy explains how Samana Marks Limited, trading as Edgevance ("we", "us", "our"), collects, uses, stores, and protects your personal data when you use the Edgevance platform ("Platform").
We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
When you register for an Account, we collect:
When you use the Platform, you may upload information about your clients, including:
Important: You are the data controller for any personal data contained within Client Data. We process this data on your behalf as a data processor, in accordance with your instructions and these Terms.
We automatically collect certain information when you use the Platform:
If you contact us for support or other purposes, we retain records of that correspondence.
We process your personal data for the following purposes:
| Purpose | Lawful Basis |
|---|---|
| Providing and maintaining the Platform | Performance of contract |
| Processing payments and billing | Performance of contract |
| Sending service-related communications (verification emails, password resets, billing notifications) | Performance of contract |
| Providing customer support | Performance of contract |
| Ensuring security and preventing fraud | Legitimate interests |
| Complying with legal obligations | Legal obligation |
| Improving the Platform | Legitimate interests |
We do not use your personal data for marketing purposes without your explicit consent.
Your data is stored on secure servers located in the United Kingdom (London), provided by Digital Ocean.
We implement appropriate technical and organisational measures to protect your data, including:
You are responsible for:
We share your data only with the following third parties, and only to the extent necessary to provide the Service:
| Third Party | Purpose | Location | Data Shared |
|---|---|---|---|
| Stripe | Payment processing | EU/US (adequate safeguards in place) | Billing information, payment card details |
| Google Workspace | Email delivery (SMTP) | EU/US (adequate safeguards in place) | Email addresses for transactional emails |
| Digital Ocean | Infrastructure and hosting | UK (London) | All Platform data (encrypted) |
| Anthropic | AI processing for Cara and client import | US (adequate safeguards in place) | Queries, file content during batch import (see Section 5.2) |
We do not sell, rent, or share your personal data with third parties for marketing purposes.
The Platform uses Anthropic's API for AI-powered features. Data sent to Anthropic includes:
When using Cara:
When using batch client import:
Anthropic processes this data solely to provide the AI features. For more information, see Anthropic's privacy policy at anthropic.com/privacy.
We may disclose your data if required by law, court order, or to protect our legal rights.
We will notify you by email at least 14 days before adding any new subprocessors. If you object to a new subprocessor, you may terminate your Account before the change takes effect.
We track email opens and clicks for transactional emails sent by the Platform (such as verification emails, password resets, and notifications). This helps us ensure email deliverability and monitor for issues. Tracking is performed using:
This data is used solely for service improvement and troubleshooting, not for marketing purposes.
Platform administrators (Edgevance staff) may access your Account for the following purposes:
All administrator access is logged and audited. We will only access your Account when necessary and will handle your data confidentially.
We retain your data for the following periods:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account data (company details, user information, billing records) | 6 years after Account closure | UK legal requirements for business records |
| Client Data | 90 days after Account closure (available for export) | To allow data retrieval; then permanently deleted |
| Financial records and invoices | 6 years | HMRC requirements |
| Audit logs | 6 years | Security and compliance |
We recommend exporting your Client Data via Cara (in Excel format) before closing your Account.
7.1. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
7.2. Our notification to you will include:
7.3. We maintain incident response procedures to detect, investigate, and respond to potential data breaches.
Under UK data protection law, you have the following rights:
You can request a copy of the personal data we hold about you.
You can request correction of inaccurate or incomplete personal data.
You can request deletion of your personal data in certain circumstances.
You can request that we limit how we use your data in certain circumstances.
You can request a copy of your data in Excel format.
You can object to processing based on legitimate interests.
We do not make automated decisions that significantly affect you. Cara, our AI assistant, provides suggestions only — all decisions remain with you.
To exercise any of these rights, contact us at [email protected]. We will respond within one month.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Cookies are small text files stored on your device when you visit a website. We use cookies that are strictly necessary for the Platform to function.
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| Session cookie | Essential | Maintains your logged-in state and authenticates your session | Expires when you close your browser or after inactivity timeout |
| CSRF token | Essential | Protects against cross-site request forgery attacks | 1 hour |
The following third parties may set cookies when you use certain features:
| Third Party | Purpose | More Information |
|---|---|---|
| Stripe | Payment processing (only on payment pages) | stripe.com/privacy |
We use browser local storage to remember your preference for viewing deadlines (table or compact view). This is functional only and does not track you.
We do not use any analytics or tracking cookies. We do not use Google Analytics, Facebook Pixel, or any similar tracking technologies.
Because we only use essential cookies required for the Platform to function, disabling cookies may prevent you from using the Platform. Essential cookies do not require consent under UK law, but we inform you of their use here for transparency.
Your data is primarily stored in the United Kingdom. Where data is transferred outside the UK (for example, to Stripe or Google for payment processing and email delivery), we ensure appropriate safeguards are in place, such as:
The Platform is intended for business use by adults. We do not knowingly collect personal data from children under 18. If you believe we have collected data from a child, please contact us immediately.
We may update this Privacy Policy from time to time. Material changes will be notified to you via email or through the Platform.
The "Last updated" date at the top of this Policy indicates when it was last revised.
Continued use of the Platform after changes take effect constitutes acceptance of the updated Policy.
For questions about this Privacy Policy or to exercise your data protection rights, contact us at:
Email: [email protected]
Address:
Samana Marks Limited
43-45 Dorset Street
London
W1U 7NA
United Kingdom
ICO Registration: ZC037824
By using the Edgevance Platform, you acknowledge that you have read and understood this Privacy Policy.