Privacy Policy

Last updated: 14 April 2026

ExtractMethod Ltd operates Jotterly (jotterly.co). This policy explains what personal data we collect, why we collect it and what we do with it. We operate in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. What we collect

If you create an account

  • your name and email address
  • your organisation name
  • payment information, which is handled securely by Stripe

When you create events or collect payments

  • event details you enter
  • ticket purchase records and attendee information
  • transaction records

Technical information

  • IP address
  • browser type and version
  • device information
  • usage and analytics data

2. Why we collect it

We use your data to:

  • provide and run the Jotterly service
  • process ticket purchases and payments
  • send confirmation emails and transaction receipts
  • improve the service
  • prevent fraud and keep the platform secure
  • meet our legal obligations

3. Our legal basis for processing

  • Contract: to provide the ticketing and fundraising service you have signed up for
  • Legitimate interests: to improve the service and prevent fraud
  • Legal obligation: to comply with tax and financial regulations
  • Consent: for any marketing communications, where you have opted in

4. Who we share your data with

We share data only where necessary:

  • Stripe: for payment processing. See Stripe's Privacy Policy
  • Event organisers: buyers' attendee information is shared with the organiser of the event they book
  • Service providers: for email delivery, hosting and analytics
  • Legal requirements: when required by law or to protect our rights

We do not sell your data.

5. How long we keep your data

  • account information: until you delete your account, plus 6 years for financial records
  • transaction records: 6 years to meet tax and accounting requirements
  • analytics data: up to 2 years

6. Your rights

Under UK GDPR you have the right to:

  • access a copy of your personal data
  • correct inaccurate data
  • request deletion of your data, subject to legal obligations
  • restrict how we process your data
  • receive your data in a portable format
  • object to processing based on legitimate interests
  • withdraw consent for marketing at any time

To exercise any of these rights, email us at [email protected].

7. Cookies

We use essential cookies to keep you logged in, remember your preferences and maintain security. We also use analytics cookies to understand how the service is used. You can manage cookies through your browser settings.

8. Security

We take reasonable steps to protect your data, including:

  • encryption of data in transit and at rest
  • access controls and authentication
  • regular security assessments
  • secure payment processing via Stripe

9. International transfers

Your data may be processed outside the UK. Where this happens we make sure appropriate safeguards are in place, such as standard contractual clauses or UK government adequacy decisions.

10. Children

Jotterly is for use by adults acting on behalf of their organisation. We do not knowingly collect personal data from children under 13 without parental consent. If you think we have, please get in touch.

11. Changes to this policy

We may update this policy from time to time. We will let you know about significant changes by email or through the service.

12. Contact

For questions about this policy or to exercise your rights:

ExtractMethod Ltd
[email protected]
jotterly.co

13. Complaints

If you are unhappy with how we handle your data, you can complain to the Information Commissioner's Office:

ico.org.uk
0303 123 1113