Privacy Policy — HMO Alarm Test™

Operated by Doorbells Ltd (Company No. 11687967)
Registered in England & Wales
Last updated: 18 March 2026

1. Introduction

This Privacy Policy explains how Doorbells Ltd ("Doorbells", "we", "us", "our") collects, uses, stores and protects personal data when you use HMO Alarm Test™ (the "Service").

This policy applies to:

• landlords, letting agents and property managers using the Service;
• individuals invited to complete alarm tests or submit records;
• users of our website and platform;
• individuals whose data is included in records submitted to the Service.

We process personal data in accordance with the UK GDPR and the Data Protection Act 2018.

2. Who we are

Doorbells Ltd is the operator of HMO Alarm Test™.

Doorbells Ltd acts as a data controller or data processor depending on the context, as explained in Section 3.

Contact: contact@hmoalarmtest.com

3. Our role: controller and processor

Because HMO Alarm Test™ is a platform used by landlords and managing agents, our role varies depending on the type of data involved.

3.1 Doorbells as data controller

Doorbells acts as a data controller for:

• account registration and management;
• user authentication and login records;
• billing, subscriptions and payment administration;
• customer support communications;
• system security, monitoring and fraud prevention;
• service improvement and analytics;
• legal and regulatory compliance.

3.2 Doorbells as data processor

Where a customer (including a landlord, managing agent or property manager) uses the Service to record, upload or manage information relating to properties and individuals, Doorbells acts as a data processor on that customer's behalf.

This may include:

• names of individuals completing alarm tests;
• contact details entered by the customer;
• property addresses and property-related information;
• alarm test records and audit logs;
• uploaded images, notes or supporting evidence;
• timestamps, completion history and system-generated audit trail data.

Doorbells processes this information only on the documented instructions of the customer in order to provide the Service.

In these circumstances, the landlord, managing agent or customer is the data controller and is responsible for:

• determining the purpose and lawful basis for processing;
• ensuring individuals are properly informed;
• ensuring data entered is appropriate and accurate;
• complying with applicable data protection laws.

A Data Processing Agreement may apply between Doorbells and the customer where required.

4. Personal data we collect

Account data

• name
• email address
• organisation name
• login credentials

Service data

• property addresses
• names of individuals completing tests
• alarm test records and results
• timestamps and audit logs
• uploaded images and notes

Payment data

• billing name and email
• subscription status
• transaction references

We do not store full card details.

Technical data

• IP address
• browser and device information
• usage logs
• session data

Support data

• communications
• support requests
• attachments

5. How we collect data

We collect data:

• directly from users;
• when customers input data into the Service;
• when individuals submit test records;
• automatically through system operation;
• via payment and service providers.

6. How we use personal data

We use data to:

• provide and operate the Service;
• record and generate testing records and audit logs;
• manage accounts and subscriptions;
• process payments;
• respond to support requests;
• maintain security and prevent misuse;
• improve the platform;
• comply with legal obligations;
• handle disputes and enforce our terms.

Customers can delete records within their account at any time. Deletions take effect immediately within the live system, subject to backup retention periods described in this policy.

7. Lawful bases

We rely on:

• Contract – to provide the Service
• Legitimate interests – to operate and improve the platform
• Legal obligation – where required by law
• Consent – where applicable (e.g. cookies)

8. Payment processing

We use Stripe to process payments securely.

• Payment details are entered directly into Stripe's secure systems
• We do not store full card details
• We may share limited billing data (name, email, transaction details)

Stripe may act as an independent data controller for payment processing. Users should review Stripe's privacy policy.

9. Sharing personal data

Service providers

We use trusted third-party providers to support the Service, including:

• application hosting and infrastructure;
• domain and DNS services;
• email delivery and communications;
• data storage and backup;
• security, monitoring and error logging.

These providers process data in accordance with appropriate data protection obligations.

Within the platform

Data submitted may be visible to the landlord or agent managing the property.

Professional and legal parties

Where required for legal, regulatory or contractual reasons.

Business transfers

In connection with a sale, merger or restructuring.

10. International transfers

Some providers may process data outside the UK. Where this occurs, we use appropriate safeguards such as:

• UK adequacy regulations;
• standard contractual clauses;
• recognised legal transfer mechanisms.

11. Data retention

Account data
Retained while your account is active and for up to 30 days after account closure, unless a longer period is required.

Service records
Retained while the account is active. If an account is deleted, data will be removed from the live system within 30 days, subject to backup cycles.

Backups
Data may remain in secure backups for up to 90 days after deletion, after which it is permanently removed.

Billing records
Retained for up to 6 years.

Support records
Retained for up to 24 months.

Technical logs
Retained as necessary for security, monitoring and system integrity.

12. Security

We implement appropriate technical and organisational measures, including:

• access controls;
• authentication protections;
• encrypted connections;
• audit logs;
• secure hosting;
• monitoring and incident response.

No system is completely secure.

13. Your rights

You may have the right to:

• access your data;
• correct inaccuracies;
• request deletion;
• restrict processing;
• object to processing;
• request data portability.

Contact: contact@hmoalarmtest.com

If we act as a processor, requests may need to be directed to the relevant landlord or agent.

14. Complaints

You can contact us first. You also have the right to complain to the Information Commissioner's Office.

15. Cookies

We use cookies and similar technologies to:

• maintain secure user sessions;
• enable core platform functionality;
• analyse how the Service is used to improve performance and usability.

Where required by law, we will request consent before placing non-essential cookies. You can control cookies through your browser settings.

16. Third-party links

We are not responsible for third-party websites or services linked from our platform.

17. Children

This Service is not intended for children. We do not knowingly collect data from children.

18. Changes to this policy

We may update this policy from time to time. The latest version will always be available with the updated date.

19. Contact

Doorbells Ltd
Company No. 11687967

Email: contact@hmoalarmtest.com