Privacy Policy

Your privacy and your clients' privacy is our priority. Here's exactly how we collect, use, and protect personal information.

Last Updated: 21 March 2026

Who We Are

RemindToPay is a trading name of Aura Digital Labs Ltd, a company registered in Scotland, United Kingdom (Company No. SC880637).

We are the data controller for the personal information we collect through our service. We are registered with the Information Commissioner's Office (ICO) under registration number ZC099420.

For any questions about how we handle your data, contact us at: support@remindtopay.com

What We Collect

We collect only the minimum information necessary to provide our payment reminder service:

Your Account Information: Email address, business name, and authentication tokens

Client Data: Names, email addresses, payment amounts, and billing schedules you enter for your clients

Usage Data: Basic analytics to improve our service

How We Handle Client Data

Client data you enter is stored securely and used only to send payment reminders on your behalf:

We act as a data processor for client information you provide

Client emails are only used to send payment reminders you configure

We never market to your clients or share their data with third parties

All client data is stored securely in UK data centres

What We Don't Collect

We specifically avoid collecting sensitive personal information:

Bank account details or credit card numbers of your clients

Date of birth or government ID numbers

Location data or device identifiers

We never process actual payments - we only send reminders

How We Use Your Data

Send payment reminder emails to your clients on your behalf

Track payment statuses and upcoming due dates

Provide you with billing and analytics reports

Improve our service based on aggregate usage patterns

Data Security

We take the security of your data seriously:

All data is encrypted in transit (TLS) and at rest using industry-standard encryption

We use Supabase, which is SOC 2 Type II compliant and runs on secure AWS infrastructure

Row-level security ensures you can only access your own client data

We never share or sell your information, and we're GDPR compliant

Your Rights (GDPR)

Under GDPR and UK data protection law, you have the following rights:

Right to Access: Export all your data at any time from Settings → Export Data. Download in CSV, JSON, or ICS format.

Right to Erasure: Request account deletion from Settings → Account. After a 14-day grace period (to prevent accidental deletion), all your data is permanently and irreversibly deleted.

Right to Rectification: Update your personal data at any time from your dashboard and settings.

Right to Data Portability: Download a full JSON backup of all your data for transfer to another service.

Right to Object: Configure which reminders are sent, when, and to whom. You have full control.

Questions About Your Privacy?

If you have questions about this privacy policy, we're here to help.