Privacy policy
Last updated
Applies to: the Rampt website and the Rampt platform.
1. Who we are
Rampt is a workshop management platform operated by Studio Sixty-One Limited, a company registered in England and Wales (company number 09173271) (“Rampt”, “we”, “us”).
For questions about this policy or your data, contact scott@studiosixty-one.com.
2. What this policy covers, and what it doesn’t
Rampt handles personal data in two different roles. This matters, because your rights and our obligations differ depending on the role.
- Where we are the controller. For our website visitors, prospective customers, and the workshop owners and staff who hold Rampt accounts, we decide how and why data is used. This policy covers that processing.
- Where we are the processor. When a workshop uses Rampt to manage its own customers (vehicle owners), the workshop is the controller and Rampt processes that data on the workshop’s instructions. That processing is governed by our Data Processing Terms, not this policy. If you are a customer of a garage that uses Rampt, contact that garage about your data in the first instance.
3. The personal data we collect
From website visitors: IP address, device and browser information, pages viewed, and cookie data (see section 7). If you submit a demo or contact form: your name, email, phone, workshop name, and anything you write to us.
From account holders (workshop owners and staff): name, work email, phone, job role, login credentials, and your activity within the platform.
Billing data: billing contact, billing address, and subscription details. Card details are handled by our payment provider and are not stored by us.
From third parties: limited business information where you engage with us through referrals or public business listings.
We do not seek to collect special category data about account holders. Please don’t send it to us unless we ask.
4. How we use it, and our lawful basis
| Purpose | Lawful basis |
|---|---|
| Providing and running the platform for account holders | Contract |
| Account setup, support and service messages | Contract |
| Taking payment and managing subscriptions | Contract |
| Responding to demo and contact enquiries | Legitimate interests |
| Security, fraud prevention and platform integrity | Legitimate interests |
| Improving and developing the platform | Legitimate interests |
| Marketing to prospects and customers | Consent, or the PECR soft opt-in for existing customers |
| Meeting legal and regulatory obligations | Legal obligation |
Where we rely on legitimate interests, we have weighed those interests against your rights. You can ask us about that assessment.
5. Marketing and communications
We send service messages (things you need to know to use Rampt) on the basis of our contract with you. These are not marketing and cannot be opted out of while you hold an account.
We send marketing only where PECR allows it: with your consent, or to existing customers about similar services under the soft opt-in. Every marketing message carries an unsubscribe option, and you can opt out at any time without affecting your service messages.
6. Who we share data with
We share personal data with service providers who help us run Rampt, under contract and only as needed. Our current providers include:
- [Vercel] — website and application hosting
- [Neon] — database hosting
- [Resend] — transactional email
- [sent.dm] — SMS, WhatsApp and RCS messaging
- [Stripe] — payment processing
- [analytics provider] — website analytics
We also share data where we must to comply with the law, enforce our terms, or in connection with a business sale or reorganisation. We do not sell your personal data.
7. Cookies
We use cookies that are necessary for the site to work, and, with your consent, cookies for analytics and performance. You can manage non-essential cookies through our cookie banner and your browser settings. [Link to a full cookie policy if you keep one separately.]
8. International transfers
Where personal data is processed outside the UK, we rely on an adequacy decision, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, with additional safeguards where needed. [Confirm which of your providers transfer data outside the UK and on what basis.]
9. How long we keep it
We keep personal data only as long as needed for the purpose it was collected, then delete or anonymise it. Broadly: account data for the life of the account plus a reasonable period after closure; billing records for as long as tax and accounting law requires; enquiry data for a limited period if you don’t become a customer. [Set your specific periods and record them in a retention schedule.]
10. How we protect it
We use technical and organisational measures appropriate to the risk, including encryption in transit and at rest, strict per-workshop data isolation, role-based access controls, logging, and regular review. No system is perfectly secure, but we work to protect your data and to respond quickly if something goes wrong.
11. Automated processing
Rampt uses automated tools, including AI, to help generate draft vehicle health checks from media captured by workshops. These are assistive: a person reviews and controls the output, and no decision with legal or similarly significant effect is made about you solely by automated means.
12. Your rights
Under UK data protection law you have the right to access your data, to have it corrected or erased, to restrict or object to processing, to data portability, and to withdraw consent where we rely on it. To exercise any of these, contact scott@studiosixty-one.com. We will respond within the statutory time limits.
You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk, though we’d appreciate the chance to put things right first.
13. Children
Rampt is a business tool and is not directed at children. We do not knowingly collect data about children.
14. Changes
We may update this policy. We’ll change the date above and, for material changes, tell account holders directly.
15. Contact
Studio Sixty-One Limited. Email: scott@studiosixty-one.com.