GDPRLedger is operated by PERTHEO LIMITED, a company incorporated in Cyprus (registration number HE 385082), whose registered office is at [REGISTERED ADDRESS โ TO BE CONFIRMED]. GDPRLedger operates as a trading name of PERTHEO LIMITED.
These Terms of Service ("Terms") govern your access to and use of the GDPRLedger platform, including all associated features, content, and evidence pack exports (collectively, the "Service"). By registering for an account or purchasing access to the Service, you agree to be bound by these Terms.
If you are using the Service on behalf of an organisation, you represent that you have authority to bind that organisation to these Terms, and references to "you" include that organisation.
GDPRLedger provides:
You must be at least 18 years of age and have legal capacity to enter into a binding agreement to use the Service. The Service is intended for use by businesses and organisations, not by consumers acting in a personal capacity.
You agree to provide accurate, current, and complete information when registering for an account and to keep that information up to date. You are responsible for maintaining the confidentiality of your login credentials and for all activity that occurs under your account. You must notify us promptly at [SUPPORT EMAIL] if you suspect any unauthorised use of your account.
We reserve the right to refuse registration or suspend accounts where we have reason to believe that these Terms have been, or are likely to be, breached.
GDPRLedger is offered on a fixed-term access basis. Upon purchase, you receive access to the Service for a period of 12 months from the date of enrolment ("Access Period"). Access is not a subscription that renews automatically โ it is a single purchase of a defined access period.
Payments are processed by LemonSqueezy (a trading name of Lemon Squeezy LLC), our authorised payment processor. By purchasing access, you agree to LemonSqueezy's terms of service and privacy policy. We do not store your payment card details.
All prices are displayed inclusive of applicable VAT where required. Invoices are issued by PERTHEO LIMITED. Prices are quoted in Euros (โฌ) unless otherwise stated.
At the end of the Access Period, your account enters read-only mode. You may continue to view and download previously generated evidence packs, but you will not be able to complete tasks, upload new evidence, or generate new exports. To restore full access, you must purchase an annual re-validation.
Annual re-validation extends your Access Period by a further 12 months, refreshes your programme with any updated statutory requirements, and produces a new tamper-evident audit record. Re-validation is priced at the applicable rate displayed at the time of purchase.
Given the nature of the Service โ which provides immediate access to digital content and compliance guidance upon purchase โ we do not offer refunds once access has been activated, except where required by applicable consumer protection law. If you believe you are entitled to a refund, please contact us at [SUPPORT EMAIL] within 14 days of purchase.
You agree that you will:
You acknowledge that you remain solely responsible for your organisation's compliance with applicable data protection legislation and that use of GDPRLedger does not transfer or discharge that responsibility.
All intellectual property rights in the Service, including the platform, its design, underlying engine, protocol content, guidance text, checklists, and illustrative examples, are owned by PERTHEO LIMITED or its licensors. Nothing in these Terms transfers any intellectual property right to you.
You are granted a limited, non-exclusive, non-transferable licence to access and use the Service during the Access Period for your own internal business compliance purposes.
You retain ownership of any documents and evidence you upload to the Service. By uploading content, you grant PERTHEO LIMITED a limited licence to store, hash, and process that content solely for the purpose of providing the Service to you.
Evidence packs generated by the Service are your records. You may use, share, and retain them as you see fit, subject to your own data protection obligations.
PERTHEO LIMITED processes personal data in connection with the Service as a data controller. Our Privacy Policy, available at [Privacy Policy URL], describes what personal data we collect, how we use it, and your rights under applicable data protection law.
Where you upload documents containing personal data of third parties (such as employee records or client data) as evidence within the Service, you do so as a data controller in your own right. You are responsible for ensuring that such uploads comply with your own data protection obligations, including having a lawful basis for sharing that data with our platform.
We process uploaded evidence solely to provide the Service. We do not use the content of uploaded documents for any other purpose, including training AI models. Uploaded evidence is stored with SHA-256 integrity hashing and is retained for the duration of your Access Period plus a reasonable period thereafter, as described in our Privacy Policy.
PERTHEO LIMITED is registered in Cyprus and operates under EU GDPR. The lead supervisory authority for data protection matters relating to PERTHEO LIMITED is the Commissioner for Personal Data Protection, Cyprus.
To the fullest extent permitted by applicable law, PERTHEO LIMITED shall not be liable for:
Where liability cannot be excluded by law, our total aggregate liability to you in connection with the Service shall not exceed the amount you paid for your current Access Period.
Nothing in these Terms excludes or limits our liability for fraud, death or personal injury caused by our negligence, or any other liability that cannot be excluded or limited by law.
The statutory summaries provided within the Service are plain-English interpretations intended to assist understanding. They are not authoritative legal interpretations and may not reflect the most current legislative position. You should always verify statutory requirements with a qualified legal professional before relying on them.
Completion of the GDPRLedger programme is not a substitute for a formal GDPR audit, legal opinion, or regulatory assessment. If your organisation requires formal compliance assurance, you should engage a qualified data protection practitioner or solicitor.
We aim to provide the Service on a continuous basis but do not guarantee uninterrupted availability. The Service may be temporarily unavailable due to scheduled maintenance, unplanned outages, or circumstances beyond our reasonable control.
We reserve the right to modify, update, or discontinue features of the Service at any time. Where we make material changes that adversely affect your use of the Service during a paid Access Period, we will notify you by email and, where appropriate, offer a pro-rata refund of the unused portion of your Access Period.
We may update the protocol content โ including tasks, checklists, and guidance text โ to reflect changes in applicable legislation or regulatory guidance. Updated content will be available to users within their current Access Period.
Your access to the Service ends at the expiry of the Access Period unless you purchase an annual re-validation. Upon expiry, your account enters read-only mode as described in Section 4.3.
We may suspend or terminate your access immediately and without notice if you materially breach these Terms, including but not limited to: fraudulent use of the Service, uploading unlawful content, or attempting to circumvent the Service's access controls.
Upon termination for breach, no refund will be due. We will retain your evidence pack data for a period of 90 days following termination, after which it may be permanently deleted.
You may request deletion of your account and associated data at any time by contacting us at [SUPPORT EMAIL]. Requests will be processed in accordance with our Privacy Policy and applicable data protection law.
These Terms and any dispute or claim arising out of or in connection with them shall be governed by and construed in accordance with the laws of the Republic of Cyprus.
We will attempt to resolve any dispute informally in the first instance. Please contact us at [SUPPORT EMAIL] with a description of your complaint. We will respond within 10 business days.
If a dispute cannot be resolved informally, the courts of Cyprus shall have exclusive jurisdiction, subject to any mandatory consumer protection provisions that may apply in your jurisdiction.
We may update these Terms from time to time to reflect changes to the Service, applicable law, or our operating practices. Where we make material changes, we will notify you by email at least 14 days before the changes take effect, and will display the updated Terms on this page with a revised effective date.
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Terms. If you do not agree to the updated Terms, you must stop using the Service and may request a pro-rata refund of any unused Access Period.
If you have any questions about these Terms or the Service, please contact us: