Privacy Policy

Elseware Limited (“we”, “us”, “our”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect personal data when you:

  • Visit our website
  • Enquire about or use our Bacs payment software services
  • Communicate with us
  • Work with us as a customer, partner, or supplier

In most circumstances, we act as a data controller in relation to the personal data described in this policy. In limited situations where we provide technical support that requires access to customer payment files, we may process personal data on behalf of the customer, who remains the data controller. More information on this is in section 3.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable regulatory requirements.

1. Who we are

Elseware Limited
Registered in England and Wales: 03378892
Registered Office: 8b Kelvin House, Kelvin Way, Crawley, England, RH10 9WE
Email: info@elseware.org.uk
Telephone: 0208 123 0063

For data protection purposes, we act as a Data Controller in relation to the personal data described in this policy.

2. Information we collect

We may collect and process the following personal data information:

  • Name
  • Job title
  • Company name
  • Company address
  • Business email address
  • Business telephone number

3. Important information about our software

Our Bacs approved payments software (Front2Bax) is deployed on customers’ own IT systems (on-premise).

We do not:

  • Host customer data
  • Store customer payment files
  • Have ongoing visibility of personal data processed through our software

Remote access to customer systems may occur only where required for technical support and onboarding, using secure remote access software (e.g., AnyDesk) and only with the customer’s knowledge and authorisation.

During such support and onboarding sessions:

  • Access is customer-initiated and controlled.
  • Where necessary to provide technical support, we may temporarily access or process personal data contained within payment files for the sole purpose of resolving the identified issue.
  • We do not retain personal data extracted during support beyond what is necessary to resolve the issue.
  • Responsibility for the personal data processed within the customer’s environment remains with the customer as data controller.

4. How we collect personal data

We collect personal data:

  • Directly from you (e.g., enquiries, onboarding, support requests)
  • Through contractual relationships
  • Through our CRM system when recording communications
  • Automatically via our website (cookies and analytics)
  • From your organisation where you are a user of our services

5. How we use personal data

We use personal data for providing and managing our Bacs software products, managing customer relationships, responding to enquiries, and meeting legal and regulatory obligations.

We do not sell personal data.

6. Lawful basis for processing and your rights

Under UK data protection law, we must have a “lawful basis” for collecting and using your personal information. You have the right to access, rectify, or erase your data, and to object to or restrict its processing.

ICO Contact Details:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113 | ico.org.uk

7. Data retention

We will retain personal data for 90 days to 2 years after subscription termination, or as long as needed to fulfill the purposes for which it was collected, meet contractual obligations, or comply with legal requirements.

8. Changes to this Policy

We may update this Privacy Policy from time to time. Where changes are made, we will take reasonable steps to notify you.