Privacy Policy

Who we are

Cadi is a software service operated by Cadi Software Ltd (company number 17174156) ("we", "us", "our"). Our registered address is available on request. You can contact us at support@cadi.cleaning.

We are the data controller for the personal data you provide when using Cadi.

What data we collect

We collect and process the following categories of personal data:

How we use your data

We use your personal data to:

Our lawful basis is contract performance (providing the service you signed up for) and, where required, legal obligation (HMRC fraud prevention requirements).

HMRC connection

When you connect your HMRC account, we store OAuth tokens (access token and refresh token) in our secure database. These tokens are used solely to submit and retrieve data from HMRC on your behalf. We never share them with third parties.

Your NINO is stored encrypted and used only for HMRC API calls. You can disconnect your HMRC account at any time from Settings, which revokes tokens and removes them from our database.

Open banking connection

If you choose to connect a bank account, we use Yapily Connect Ltd, an FCA-authorised Account Information Service Provider (AISP, FRN 827001), to retrieve transaction data on a read-only basis. We never have your bank credentials — those are entered directly with your bank.

Cadi Software Ltd is registered with the FCA as an agent of Yapily Connect Ltd under their AISP permission. This means Yapily is the regulated party providing the open banking service; Cadi acts on your behalf under Yapily's permission. You can verify our agent status on the FCA Financial Services Register.

Your consent under PSD2 lasts up to 90 days. We send a renewal prompt approximately 14 days before expiry so you have time to re-authorise without losing access.

Under Open Banking regulations:

Yapily acts as our data processor under our agreement; their privacy policy is at yapily.com/legal/privacy-policy.

Scheduler — maps, geocoding and weather

The Scheduler displays customer locations on small route maps and uses weather forecasts to flag rain-affected jobs. To do this we send limited data to three external services:

None of these services receive financial data, HMRC tokens, or anything Cadi marks as sensitive.

Direct debit collection

If you enable customer direct debit collection, we use GoCardless (FCA FRN 597190) as the payment processor. Your customers' bank details are entered directly with GoCardless — Cadi never sees them. GoCardless is the controller for the bank details they collect; their privacy policy is at gocardless.com/legal/privacy.

AI processing

Some features (conversational onboarding, the service builder, money insights, weekly reports) use AI models provided by Anthropic. When you use these features, the relevant content you provide is sent to Anthropic for processing.

Anthropic processes this data as our data processor under their commercial terms, does not train on it, and retains it only for the duration needed to return a response (plus short-term abuse-monitoring caches). No bank credentials, NINO, or HMRC tokens are ever sent to Anthropic.

Sub-processors

We share data with these processors solely to provide the service:

We do not sell your data to third parties. We do not use it for advertising.

Data retention

We retain your data for as long as your account is active. If you delete your account from Settings, we begin erasure within 7 days and complete it within 30 days, except where retention is required by law (specifically: HMRC requires you keep tax records for 5 years and 10 months from the end of the relevant tax year — anonymised tax-relevant records may be retained for this period).

Bank transaction data syncs are retained while your bank is connected and for 12 months after disconnect (to support tax return preparation), then deleted.

Server logs are retained for 30 days for security and operational purposes.

International transfers

Our primary data store is hosted in the EU (Ireland). Some sub-processors (Anthropic, Stripe, FullStory, Vercel) process data in the United States. These transfers rely on the UK International Data Transfer Addendum to the EU Standard Contractual Clauses as the safeguard.

Security

We protect your data with: TLS 1.2+ encryption in transit, AES-256 encryption at rest, row-level isolation between businesses, single-sign-on for staff access, principle-of-least-privilege for internal access, and regular dependency updates.

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and you without undue delay.

Your rights

Under UK GDPR you have the right to:

To exercise any of these rights, contact us at support@cadi.cleaning.

Audit log

Cadi keeps an internal log of sensitive actions taken on your account — customer archives and erasures, SAR exports, job deletions, bulk round changes, and invoice payment events. This log is private to you and is provided so you can demonstrate accountability if asked by the ICO or a customer. We never use it for advertising or share it outside your account.

Cookies

Cadi uses essential cookies for authentication and session management. With your consent (via the cookie banner) we also use FullStory for anonymised session recording — this helps us debug issues and improve usability. You can change your choice at any time by clearing your cookies and reloading the app.

Changes to this policy

We may update this policy from time to time. We will notify you by email of any material changes. Continued use of Cadi after changes constitutes acceptance of the updated policy.