Privacy Policy

1. Who We Are

Murray Money Pro ("we", "us", "our") is operated by Keith Murray, United Kingdom. Murray Money Pro provides educational research, model-based signal content, and related informational services.

Registered address: [To be confirmed prior to public launch]

For privacy-related enquiries, contact us at: hello@murraymoneypro.co.uk

We are in the process of registering with the Information Commissioner's Office (ICO) as a data controller. Our ICO registration reference will be published here once confirmed.

2. What Data We Collect

We may collect and process the following personal data:

Email address — when you subscribe to our newsletter, create a member account, or complete any opt-in form on our website.

Name — if provided voluntarily during sign-up or contact.

Payment information — processed securely by our payment processor (Stripe). We do not store card details ourselves.

Usage data — standard web analytics including pages visited, time on site, browser type, and approximate geographic location (country/region level). This is collected via anonymised analytics tools.

Communications — if you contact us by email or support form, we retain a copy of that correspondence.

3. How We Use Your Data

We use personal data for the following purposes:

To deliver the service — sending the Weekly Pulse, Monthly Edition, signal alerts, and other content you have subscribed to receive.

Account management — maintaining your membership account, processing payments, and managing subscription changes.

Communications — responding to your enquiries, sending service-related notifications (e.g. password resets, billing).

Marketing — with your consent, sending promotional communications about Murray Money Pro products and services. You can withdraw consent at any time by clicking "unsubscribe" in any email or contacting us directly.

Legal obligations — retaining certain records as required by applicable law.

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

4. Legal Basis for Processing (UK GDPR)

We process your personal data on the following legal bases:

Contract performance — processing necessary to deliver the service you have subscribed to.

Legitimate interests — analytics and service improvement, where this does not override your rights.

Consent — for marketing communications and non-essential cookies. You may withdraw consent at any time.

Legal obligation — where we are required to retain records under applicable law.

5. Cookies & Analytics

Our website uses the following cookies and analytics tools:

Essential cookies — required for the website to function correctly (login sessions, billing). These cannot be disabled as they are necessary to provide the service.

Vercel Analytics — we use Vercel Analytics to understand how visitors interact with the site. Vercel Analytics is designed to be privacy-first: it does not use cookies, does not collect personally identifiable information, and does not build individual user profiles. Data is aggregated and anonymised. Because it operates without cookies or PII, it does not require cookie consent under UK PECR — however we disclose its use here for full transparency.

Preference cookies — used to store your cookie consent choice and session preferences.

You can manage your cookie preferences via the consent banner shown on your first visit, or through your browser settings. You may also contact us at hello@murraymoneypro.co.uk to request information about how your data is processed.

6. Data Retention

We retain your personal data for as long as necessary to provide the service and comply with legal obligations.

Newsletter subscribers — retained until you unsubscribe. We will delete your data upon request.

Member accounts — retained for the duration of your membership and for a reasonable period thereafter for legal and accounting purposes.

Financial records — retained for 7 years as required by UK tax and accounting regulations.

You may request deletion of your data at any time. See Section 8 for your rights.

7. Third-Party Services

We share your data with the following named third-party service providers, each of whom processes it in accordance with their own privacy policies:

Resend (resend.com) — transactional and newsletter email delivery. Your email address is shared with Resend solely for delivery purposes.

Stripe (stripe.com) — payment processing and subscription management. Stripe is PCI-DSS compliant and does not share your payment data with us beyond what is required to manage your subscription.

Supabase (supabase.com) — secure database and authentication. Data is stored on Supabase's infrastructure with row-level security controls.

Vercel (vercel.com) — website hosting and edge delivery. Vercel operates data centres globally including in the EU. As a US-based company, data transfers to the US are covered by Standard Contractual Clauses (SCCs) under UK GDPR adequacy provisions.

Vercel Analytics (vercel.com/analytics) — privacy-first, cookie-free site analytics. No PII collected.

All third-party providers are contractually required to handle personal data in accordance with UK GDPR. We do not sell or rent your data to any third party for marketing purposes.

8. Your Rights

Under UK GDPR, you have the following rights:

Right of access — to request a copy of the personal data we hold about you.

Right to rectification — to request correction of inaccurate or incomplete data.

Right to erasure — to request deletion of your personal data ("right to be forgotten").

Right to restrict processing — to request that we limit how we use your data.

Right to data portability — to receive your data in a structured, machine-readable format.

Right to object — to object to processing based on legitimate interests.

Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at: hello@murraymoneypro.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data appropriately.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted connections (HTTPS), access controls, and regular security reviews.

No method of internet transmission is 100% secure. While we take all reasonable steps to protect your data, we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Where changes are material, we will notify subscribers by email or a prominent notice on the website. The "Last updated" date at the top of this page reflects the most recent revision.

Continued use of our service after changes take effect constitutes acceptance of the revised policy.