Hello edun.

Privacy Policy

Last Updated: 23/11/2025

Edun operates the https://www.helloedun.co.uk website, which provides the SERVICE.

This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service, the helloedun.co.uk website.

If you choose to use our Service, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.

Information Collection and Use

For a better experience while using our Service, we may require you to provide us with certain personally identifiable information, including but not limited to your name, phone number, and email address. The information that we collect will be used to contact or identify you.

Log Data

All errors are logged and stored securely. We do not log any identifiable personal data.

Cookies

Cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer's hard drive.

Our website uses these "cookies" to provide key functionality and to improve our Service. Please refer to our Cookie Policy for more information. https://www.helloedun.co.uk/about/cookies.

Service Providers

We may employ third-party companies and individuals due to the following reasons:

  • To facilitate our Service;
  • To provide the Service on our behalf;
  • To perform Service-related services; or
  • To assist us in analyzing how our Service is used.

We want to inform our Service users that these third parties may have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Third-Party Service Integrations

Our Service allows you to connect with third-party accounting and financial management platforms to enable seamless data synchronization and enhance your experience. When you authorize these integrations:

  • We collect and store authentication credentials securely to maintain your connection
  • We access financial data including invoices, contacts, transactions, and account settings as authorized by you
  • We use this data solely to provide our services to you, such as timesheet management, invoicing, and reporting
  • We do not sell or share your financial data with any third parties for marketing purposes

You may revoke these integrations at any time through your account settings. When you disconnect an integration, we will cease accessing your data from that service, though we may retain historical data necessary for record-keeping and contractual obligations.

Data Retention and Deletion

We retain your personal and financial data for as long as your account is active or as needed to provide you services. Specifically:

  • Active account data is retained while your account remains active
  • Financial records may be retained for up to 7 years to comply with accounting and tax regulations

Your Data Rights

Under data protection laws including GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of all personal data we hold about you
  • Right to Erasure: You can request deletion of your personal data (subject to legal obligations)
  • Right to Data Portability: You can request your data in a structured, machine-readable format
  • Right to Withdraw Consent: You can withdraw consent for data processing at any time
  • Right to Object: You can object to certain types of data processing

To exercise any of these rights, please contact us at [email protected]. We will respond to your request.

Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of data in transit
  • Encryption of sensitive data at rest
  • Secure authentication using OAuth 2.0 protocols for third-party integrations
  • Regular security audits and updates
  • Access controls limiting employee access to personal data on a need-to-know basis

In the event of a data breach that affects your personal data, we will notify you and relevant authorities within 72 hours as required by applicable law.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contractual Necessity: Processing is necessary to provide the services you've requested
  • Consent: You have given explicit consent for specific processing activities (e.g., connecting third-party integrations)
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services and preventing fraud
  • Legal Obligations: Processing is required to comply with legal and regulatory requirements

International Data Transfers

Your data may be transferred to and processed in countries outside of your country of residence. We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your data.

Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Links to Other Sites

Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children's Privacy

Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.

Our Privacy Policy was created with the help of the Privacy Policy Template.

Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.

Email: [email protected]

Service Level Agreement

The Agreement is made between the Supplier & the Customer

The SLA is intended to outline the level of service between the Supplier and the Customer in specific relation to customer supper enquiries, technical support enquiries and bespoke developments.

  1. Definitions
    1. Customer: the person, firm or company who purchases Services from the Supplier.
    2. Services: the services to be provided by the Supplier under the Contract.
    3. Supplier: EDUN LTD with registered company number 13689679.
    4. Business hours: Hours occurring within a normal business day, 08:00 – 18:00 GMT.
    5. Bespoke Developments: Services that are not currently available within the Edun product offering which require specific development for the Customer.
    6. Additional Services: Services that are expressly requested by the Customer to the Supplier that are not currently available from Edun.
    7. Existing Services: Services that currently exist within Edun that are available for Customers to use.
  2. Service Level Agreement
    1. The Supplier shall aim to resolve all support problems for existing services in line with the following conditions.
      1. Tier 1 - Critical Issues:
        • Critical issues cause complete or partial service outage and affect the customer’s ability to conduct business-critical operations.
        • Supplier Response Time: 1 business hour from the time of reporting the issue to a representative of the Supplier.
        • Resolution Time: 4 business hours from the time of acknowledging the issue by the Supplier.
        • Please note that ‘bespoke developments’ are quoted on independent milestones and do not formulate this SLA. Please refer to your contract for the definition of ‘bespoke development’
      2. Tier 2 - Major Issues:
        • Major Issues cause significant impairment of service but do not cause a complete service outage.
        • Response Time: 3 business hours from the time of reporting the issue to a representative of the Supplier.
        • Resolution Time: 8 business hours from the time of acknowledging the issue by the Supplier.
        • Please note that 'bespoke developments' are quoted on independent milestones and do not formulate this SLA. You will refer to your contract for the definition of 'bespoke development'
      3. Tier 3 - Minor Issues:
        • Minor issues do not significantly affect the service but cause minor inconvenience to the customer.
        • Response Time: 24 business hours from the time of reporting the issue to the Supplier.
        • Resolution Time: Varying and agreed with the customer independently from the time of acknowledging the issue by our support team.
        • Please note that 'bespoke developments' are quoted on independent milestones and do not formulate this SLA. You will refer to your contract for the definition of 'bespoke development '
    2. The Customer acknowledges that the resolution times refer to the time taken by the Supplier to provide a solution or workaround for the reported issue. These times are subject to change depending on the complexity of the issue, the availability of resources, and any other factors that may affect the resolution time. Where a workaround is available the supplier makes no guarantees additional solutions can be sought but will make reasonable efforts to accommodate this.
    3. The customer acknowledges that data migration complications do not fall within the remit of this service level agreement.
    4. The customer acknowledges that any complications that arise which require input from a third party will affect resolution times from the supplier & our support team will make reasonable effort to communicate this.
  3. Bespoke Developments
    1. The Supplier may (at its sole discretion) offer Bespoke Developments and/or Additional Services to Customers which can be expressly requested by the Customer. The Supplier does not guarantee that all requests will be possible but where they are, these Additional Services will be charged on a pro-rata basis and quoted on individual milestones.
    2. The Customer acknowledges and accepts that when Bespoke Developments and/or Additional Services are created, technical issues may delay the quoted milestones and could also affect the estimated costs.
    3. Bespoke developments and/or Additional services are delivered within agreed milestones but do not correlate to the service level agreement for Existing Services