Found CTRL customer portal

Privacy

How Found CTRL handles billing, license, verification, session, and notification data processed through the customer portal.

Last updated April 4, 2026TermsBack to portal
01

Scope

This Privacy Policy explains how Found CTRL handles information processed through the customer portal used to manage licenses, invoices, renewals, subscriptions, owner verification, and related customer-support workflows for Found CTRL products.

It applies to portal pages, sign-in verification flows, session handling, billing-management actions, customer-facing notifications, and related operational support. It does not replace the privacy policies of third-party payment processors, email providers, hosting providers, or other external services used in connection with a purchase.

02

Our Privacy Model for the Portal

The customer portal is designed to expose only the account-management information needed by a verified owner or billing contact. It is not intended to be a general-purpose data warehouse for all product records.

The portal focuses on licensing, billing, subscriptions, access controls, and owner-approved recovery actions. Product-specific operational records may remain in the relevant product environment rather than in the portal itself.

03

Information We Process

Depending on how the portal is used, we may process several categories of information in order to operate the service safely and correctly.

  • license keys, product identifiers, plan names, entitlement metadata, renewal state, and feature availability
  • organisation and billing contact details, including owner email, organisation name, and related account status
  • purchase, invoice, receipt, refund, subscription, payment-status, and transaction-reference information
  • invite, ownership-transfer, recovery, and owner-verification workflow records
  • browser and session information needed to keep the portal secure and usable
  • customer-facing notification events about billing, renewals, payment failures, refunds, or access changes
  • support or contact information you choose to send to us
04

Where the Information Comes From

We collect information directly from you when you request sign-in codes, review invoices, use billing tools, or initiate account-management actions in the portal.

We also receive information from the connected license server, payment processors, billing providers, email-delivery services, and internal operational systems that keep product subscriptions and license state in sync.

05

How We Use Information

We use information to operate the portal, verify that the correct owner is signing in, render current billing and license status, and support commercial workflows tied to your organisation's products.

  • authenticate customer-portal access and verify owner email control
  • display invoices, receipts, subscription status, and entitlement details
  • support self-serve billing actions such as cancellations, payment-method changes, and eligible refunds
  • send verification codes, operational notices, and support follow-ups
  • detect misuse, secure the service, investigate suspicious activity, and maintain service reliability
  • improve the portal and related billing workflows over time
06

Payments and Billing Records

If your organisation purchases or renews a product through a supported billing provider, we may process order identifiers, invoice references, payment status, subscription status, refund status, and related commercial metadata.

We do not use the customer portal itself to store full card numbers or complete payment-instrument details. Payment instruments are handled by the relevant processor or gateway under that provider's own terms and privacy practices.

07

Cookies, Session State, and Local Storage

The portal uses a secure session cookie so the verified owner can stay signed in across requests. Without that session state, the portal cannot render owner-only billing and license information.

The portal also stores limited browser-local state for usability. For example, notification read and unread state is stored locally on the device per owner session so that the portal can remember which customer-facing updates you have already opened.

Local notification state stays in the browser on that device unless you clear browser storage. It is used for product usability, not for cross-site advertising or tracking.

08

When We Share Information

We do not sell portal customer data to data brokers. We may share information only where needed to operate the service, fulfil billing workflows, respond to lawful requests, or protect users and service integrity.

  • with payment processors and billing-service providers involved in your purchases or subscriptions
  • with email or communications providers used to deliver sign-in or recovery codes
  • with hosting, infrastructure, monitoring, and security providers that help us run the portal
  • with professional advisers, regulators, or authorities where disclosure is legally required or reasonably necessary to protect rights and safety
  • in connection with a merger, acquisition, financing, or restructuring, subject to appropriate confidentiality and legal safeguards
09

Retention

Retention periods vary by data type and operational need. Billing, verification, and account-security records may be retained for as long as reasonably necessary to provide service continuity, prevent abuse, resolve disputes, comply with legal obligations, and maintain accounting evidence.

Short-lived verification-code records expire automatically after the validity window attached to the workflow. Some local browser state remains until it is replaced or removed from your device.

10

Security

We use administrative, technical, and organisational measures designed to protect portal information, including secure transport, owner-verification flows, signed tokens, access checks, and operational monitoring.

No online service can promise perfect security. You remain responsible for protecting the email account used for owner verification, controlling who can access your browser or device, and keeping your organisation's billing contacts accurate and current.

11

International Transfers

The portal and its supporting providers may operate across multiple jurisdictions. Where information is processed outside your home jurisdiction, we expect providers to use appropriate safeguards where required by law, although the exact protections depend on the provider and geography involved.

12

Your Rights and Choices

Depending on applicable law, you may have rights relating to access, correction, deletion, restriction, objection, portability, or withdrawal of consent where consent is the basis for processing.

Requests about information controlled directly by Found CTRL for licensing, billing, support, or portal operation can be sent to us using the contact details below. Some information may need to be retained despite a request where required for legal, accounting, fraud-prevention, or contractual reasons.

13

Children and Sensitive Information

The customer portal is a business and organisation account-management surface. It is not designed for children and should not knowingly be used by anyone under 18.

Please do not use the portal to submit unnecessary sensitive personal data through support or free-text fields. Keep portal interactions focused on licensing, billing, and authorised account-management tasks.

14

Changes and Contact

We may update this Privacy Policy from time to time to reflect product, operational, legal, or commercial changes. The version published here is the current controlling version for the portal unless a different process is required by law.

Questions about privacy, data requests, or portal handling of information can be sent to hello@foundctrl.com. Found CTRL Limited is registered in England and Wales under company number 17079973.